Phishing Awareness Training Campaign

Information securityInformation security

The purpose of phishing awareness training is to raise security awareness and educate UVic faculty and staff on the dangers of phishing scams, how to avoid malicious hackers, how to protect your personal information, how to avoid sending email that may look like phishing to others, and how to minimize the risk of phishing to the university.

Nav Bassi, Director of Academic & Admin Services, breaks down cybersecurity by answering five common questions about this important topic. For more details see the full InsideIT blog article.

Visit our Phish Bowl page to see examples of phishing and malicious emails that the UVic Information Security Office has analyzed.

Information sessions

To arrange an information for your department or group, please send a request to, or you can view this short video (16 mins).

Note:  The information in the video is the same as what is presented at the information session.

Online training via CourseSpaces

UVic faculty and staff can click on the registration button below to self-register for online phishing awareness training:

Register for online training in CourseSpaces

Simulated Phishing Exercise

Information Security has a service in place to simulate a phishing campaign for a group of users. Emails are sent that imitate common phishing emails. If the fake link in the email is clicked, we advise the user that this was a simulated phishing link, provide some tips for how to spot the phish better, and link to our phishing awareness and training pages.

Please contact the Information Security Office if you are interested in this service.

Privacy notice:

To deliver phishing awareness training, UVic will save the targeted audience's business contact information (first name, last name, and UVic email address) to a UVic operated cloud server, hosted in Canada, for the sole purpose of contacting you as part of this training.  Upon completion of this initiative or by university request, we will permanently delete all data collected. We will not collect any credentials as part of simulated phishing awareness training. Any questions about this privacy notice can be directed to the Information Security Office.