Drake continues to be targeted by individuals attempting to coerce faculty and staff to give away confidential information like usernames and passwords, personally identifiable information (PII), or computer access. Other attacks try to gain financial benefit by using fake invoices and wire transfers.

Because of this constant threat, ITS provides training on how to detect and respond to these types of attacks using simulated emails. These emails are a risk-free way to teach faculty and staff how to detect and report phishing. If you receive a simulated phishing email and open the link or attachment, you’ll be directed to an informational page letting you know the signs you may have missed.

Because phishing represents such a significant risk to campus, ITS is beginning to assign additional training to faculty and staff members who repeatedly click links or open attachments in phishing emails, simulated or not.

If you receive an email you suspect is phishing, don’t click any links, download any attachments, or reply. Instead, forward the email as an attachment to informationsecurity@drake.edu.

For more information on how to report phishing emails, see the IT Service Portal guide, Reporting a Phishing Message.

— Peter Lundstedt, ITS