OIS: FAQs: Phishing: Internal Phishing

Internal phishing is when OIS creates its own phishes and sends them to randomly selected users.  Internal phishing is an educational initiative meant to teach users how to detect phishes.

Internal phishing is done in "campaigns" and there are several campaigns throughout the calendar year.  Each campaign is announced in advance in Campus Announcements. 

At the start of each campaign, OIS selects a random group of users and send phishing emails to those users.  If a user clicks on one of OIS' phishes, that user is taken to a web page where they will be informed that they clicked on an OIS phish.  The page also provides information (e.g., a video or text) telling the user how they could have identified the phish.

Statistics are kept for each campaign: how many phishes were sent out, how many users clicked on the phishes.  OIS does not keep track of individual user names.

If you receive an email that you think is an OIS phish, please do not click on it out of curiosity as this will skew the statistics.  Just delete the email or call the Helpdesk at x2692 to report a phish.

For more information about internal phishing, contact the Helpdesk at x2692.