Were you offered free tickets to see “Harry Potter and the Cursed Child” at the Durham Performing Arts Center? Many Duke community members received that email and others as part of a simulated phishing campaign organized by the University’s IT and health information security offices.
In October, the Duke Security Offices partnered to run their annual joint phishing awareness program for Cybersecurity Awareness Month. The campaign was intended to test how students, faculty and staff recognize and respond to suspicious messages, according to Chief Information Security Officer Nick Tripp.
“The goal of that program is to increase awareness and education around phishing messages,” Tripp said. “We’ve been doing it for several years now because phishing is still the number one attack vector that we see in higher education environments, health care too.”…