Phishing Simulation

Faculty and staff will start receiving mock phishing emails as part of a new phishing simulation program. This program is designed to help people identify a phishing scam by providing real-time feedback if they click the link included in the phishing email.

What will happen?

Starting this month, mock phishing emails will be sent to all faculty and staff once per month. If you realize it’s a phishing email, you can report it to reportspam-group@uncc.edu or delete it. However, if you fall for the phishing email and click the link, you’ll be sent to a page that explains you’ve been phished and offers tips on how to identify a phishing email.

ITS will receive a report after each simulation that shows the total number of employees who opened the phishing email and clicked the link. Over time, we hope to see lower click-rates and increased awareness of phishing scams to further protect University and personal information.

Why are these simulations being done?

To provide general feedback on our current cybersecurity education efforts and to further increase University awareness.

Where can I find cybersecurity education information?

Lots of information is available:

• Your Department’s Information Security Liaison (ISL) is a great resource for questions and information.

• Take the online Security Awareness Training (approx. 45 min).

• Review cybersecurity best practices.

Remember, report any suspicious emails to ReportSpam-group@uncc.edu and ITS will investigate. If you have any questions, please contact the IT Service Desk at ext. 7-5500 or your Information Security Liaison.