Phishing Awareness Training Campaign

Information security

The purpose of phishing awareness training is to raise security awareness and educate UVic faculty and staff on the dangers of phishing scams, how to avoid malicious hackers, how to protect your personal information, how to avoid sending email that may look like phishing to others, and how to minimize the risk of phishing to the university.

Visit our Phish Bowl page to see examples of phishing and malicious emails that the UVic Information Security Office has analyzed.

Online training via Brightspace

UVic faculty and staff can click on the registration button below to self-register for online phishing awareness training:

Register for online training in Brightspace

Simulated Phishing Training

Simulated Phishing Training is a recognized approach for cybersecurity awareness and training to reduce risks associated with phishing.  Simulated Phishing Training consists of generating emails that resemble real phishing emails we have received, and sending 3-4 such simulated phishing emails to UVic email accounts on a monthly basis. If the recipient ignores the email/does not click, as intended, then there is no further action. If the recipient interacts with the message, such as clicking on a simulated phishing link, they will be presented with just-in-time training with some tips on how to tell the message was not legitimate so that they can better detect similar messages in the future.

The system will not share individual results on who clicks or provides credentials, nor will it capture any supplied credentials or passwords.  We will only report at an aggregate institutional level on the  percentage of individual recipients who clicked relative to emails sent. The reporting will assess the effectiveness of the training approach and whether individuals are responding less frequently to phishing emails. These overall results will help us determine whether relative risk due to phishing is increasing or decreasing, so our cybersecurity program can respond appropriately.

If you have any questions, please contact the Information Security Office.

• Related support
• Related services

How-tos

• 10 ways to spot a phish
• Frequently asked questions
• Safe web browsing: blocked malicious URLS

Information security Exchange ActiveSync policies Cybersecurity communications Cybersecurity awareness for students Cybersecurity and remote work Secure your data Security design Whole disk encryption Email warning banners Anti-virus and endpoint protection Network protection Phishing Awareness Security threat and risk assessment Security camera recording service Security standards Virtual Payment Terminal