{"458101":{"#nid":"458101","#data":{"type":"news","title":"Campuswide Phishing Training Begins This Month","body":[{"value":"\u003Cp class=\u0022p1\u0022\u003EThe Georgia Tech Cyber Security Team is going phishing.\u003C\/p\u003E\u003Cp class=\u0022p5\u0022\u003ELater this month, the group will conduct a campuswide phishing exercise to help educate students, faculty, and staff on cybersecurity risks and how to identify phishing threats in an email.\u0026nbsp;\u003C\/p\u003E\u003Cp class=\u0022p5\u0022\u003EThe exercise, which will take the form of a regular email, will contain a link to a non-Georgia Tech page that will ask you to enter your Georgia Tech login credentials. There will be apparent red flags in the email, though, that should raise suspicion and stop recipients from taking the proverbial bait. Anyone who enters a username and password on this fake page will be directed to an onscreen training page with tips on how to avoid a real threat.\u0026nbsp;\u003C\/p\u003E\u003Cp class=\u0022p5\u0022\u003E\u201cThis is a non-punitive exercise, so information about individuals who provided their username and password will not be shared,\u201d said Jason Belford, interim associate director for Georgia Tech Cyber Security. \u201cWe will review the results to help us refine our future training efforts. It is critical to conduct these continuous training exercises to help build and maintain awareness throughout the entire community.\u201d\u003C\/p\u003E\u003Cp class=\u0022p5\u0022\u003EGeorgia Tech Cyber Security has seen positive results when they have conducted similar exercises with individual departments and small groups of users on campus. In past exercises among those on campus who had not had phishing training, around 20 to 25 percent of people fell prey to the fake email. Following training, that percentage decreased to around 3 to 5. This month\u2019s exercise, supported by the Office of the President, is the first campuswide phishing exercise and will be repeated every semester.\u0026nbsp;\u003C\/p\u003E\u003Cp class=\u0022p5\u0022\u003EHow big of a problem is phishing on campus? Last year, hundreds of accounts were compromised \u2014 a significant increase from previous years that has grown even larger this year. Belford notes that all notable hacks in recent years, such as those involving Target and The Home Depot, began with a phishing message.\u0026nbsp;\u003C\/p\u003E\u003Cp class=\u0022p5\u0022\u003EWhile preventing all forms of phishing is not possible, one safeguard users can employ is to always check where the URL link in an email is pointing \u2014 before clicking. This can be done by hovering over the link before clicking, or by touching and holding on the link to preview it if you use a smartphone. If the domain doesn\u2019t match what you expect it to, that should be a giveaway. For more information, visit \u003Ca href=\u0022http:\/\/www.security.gatech.edu\/phishing\u0022\u003E\u003Cstrong\u003Ewww.security.gatech.edu\/phishing\u003C\/strong\u003E\u003C\/a\u003E.\u0026nbsp;\u003C\/p\u003E\u003Cp class=\u0022p5\u0022\u003EThose on campus who think they have received a phishing message should forward it to \u003Ca href=\u0022mailto:phishing@gatech.edu\u0022\u003E\u003Cstrong\u003Ephishing@gatech.edu\u003C\/strong\u003E\u003C\/a\u003E, or just delete it. Forwarding such messages to Cyber Security helps the team use them to increase operational effectiveness as well as better understand current phishing trends.\u0026nbsp;\u003C\/p\u003E\u003Cp class=\u0022p5\u0022\u003EThe phishing exercise will hit inboxes in late October, coinciding with National Cyber Security Awareness Month.\u003C\/p\u003E","summary":null,"format":"limited_html"}],"field_subtitle":"","field_summary":[{"value":"\u003Cp class=\u0022p5\u0022\u003ELater this month, the group will conduct a campuswide phishing exercise to help educate students, faculty, and staff on cybersecurity risks and how to identify phishing threats in an email.\u0026nbsp;\u003C\/p\u003E","format":"limited_html"}],"field_summary_sentence":[{"value":"Later this month, the group will conduct a campuswide phishing exercise to help educate students, faculty, and staff on cybersecurity risks and how to identify phishing threats in an email."}],"uid":"27469","created_gmt":"2015-10-12 10:50:16","changed_gmt":"2016-10-08 03:19:43","author":"Kristen Bailey","boilerplate_text":"","field_publication":"","field_article_url":"","dateline":{"date":"2015-10-12T00:00:00-04:00","iso_date":"2015-10-12T00:00:00-04:00","tz":"America\/New_York"},"extras":[],"hg_media":{"458111":{"id":"458111","type":"image","title":"Phishing","body":null,"created":"1449256347","gmt_created":"2015-12-04 19:12:27","changed":"1475895202","gmt_changed":"2016-10-08 02:53:22","alt":"Phishing","file":{"fid":"203535","name":"phishing.jpg","image_path":"\/sites\/default\/files\/images\/phishing_0.jpg","image_full_path":"http:\/\/tlwarc.hg.gatech.edu\/\/sites\/default\/files\/images\/phishing_0.jpg","mime":"image\/jpeg","size":232158,"path_740":"http:\/\/tlwarc.hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/phishing_0.jpg?itok=BrZgWDBV"}}},"media_ids":["458111"],"related_links":[{"url":"http:\/\/www.security.gatech.edu\/phishing","title":"More Information About Phishing"}],"groups":[{"id":"1214","name":"News Room"}],"categories":[{"id":"129","name":"Institute and Campus"}],"keywords":[{"id":"1404","name":"Cybersecurity"},{"id":"9299","name":"Office of Information Technology"},{"id":"4112","name":"oit"},{"id":"8111","name":"phishing"},{"id":"2661","name":"training"}],"core_research_areas":[],"news_room_topics":[{"id":"71871","name":"Campus and Community"}],"event_categories":[],"invited_audience":[],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[{"value":"\u003Cp\u003E\u003Ca href=\u0022mailto:kristen.bailey@comm.gatech.edu\u0022\u003EKristen Bailey\u003C\/a\u003E\u003Cbr \/\u003EInstitute Communications\u003C\/p\u003E","format":"limited_html"}],"email":[],"slides":[],"orientation":[],"userdata":""}}}