The Biggest Fisher

The Biggest Phisher: Week 3 Wrap Up

The Biggest PhisherThere was a huge shakeup this week, and now one phisher has taken sole control of first place. But there are still a lot of phishers in striking distance as we head into the home stretch! The top 30 phishers all still have a chance to take the title home!

The Leader Board

Place Codename
1st Turkey
2nd SneakySniffer
3rd Sally Ride
4th Valkyrie
5th Obtuse
6th emtrek
7th phishfood
8th techOne
9th Sivermist
10 OffTheHook

October 16: Time Reporting

Phishing ExampleThere are a lot of emails that you are desensitized to seeing, like the ones that payroll sends. In this case, it turned out not to be an effective phishing message because it fell below your radar, and not many people reported this one. Not many people clicked, either. But you also spotted that it was for September rather than October pretty easily.

October 19: Box Seats!

Phishing Email Example
You might have been primed to look for fake athletics phishing messages after last week. Y’all spotted the typosquatting domain very easily. But it looks like for the most part, this one slipped by most of y’all, perhaps it looked real but got ignored…since only about half of you reported this one.

October 20: The Vaccine

Phishing Email Example
If there were a vaccine trial at SMU, this wouldn’t be how you found out about it… or at least that was the consensus of folks who spotted this one.

October 21: COVID SURVEY

Phishing Email Example
Surely they wouldn’t schedule 2 COVID-related phishing campaigns back to back? We did. It was slightly more effective than the previous day’s campaign in terms of clicks, but it got way more reports…good job on this one!

October 22: Susphishy Microsoft Warning

Phishing Email Example
This was the classic phish. What made this a little customized was that it appeared to include your email address that was masked to provide some legitimacy in the form of a visible security measure. We didn’t have the capability with our phishing tool to customize this field, but the bad guys can guess the first 4 digits of your credit card number, and make this kind of thing seem more realistic. Y’all saw the domain was weird and only one person clicked!


George Finney, J.D., CISM, CISSP
Chief Security Officer

Print Friendly, PDF & Email

Published by

George Finney

George Finney is the Chief Security Officer at Southern Methodist University. He is responsible for implementing and monitoring a diverse security infrastructure to protect the University network and data.