Our campus Phishing Commissioner (the “Phish Commish”, if you will) knows consistency counts in any effective fitness regimen. Practice, practice, etc.

In 2017, we’ll practice looking for the 7 red flags of a socially engineered email with these questions:

• Who’s it from?
• Who’s it to?
• When did it arrive?
• What’s the subject?
• How does the content look?
• Are there attachments?
• Are there links?

Each month, we’ll focus on one of the 7 tenets of phish-detection right here in this newsletter. Then, later in the month, our Phish Commish will email a phishing exercise that lets us try out our newly-learned (or reminded) detection skill. By the end of the year, we’ll be pros at assessing emails for harbingers of doom. In addition, if higher-ed specific phishing threats emerge from the cybersphere along the way, our Phish Commish will coach us on those, as well.

Phish exercises will start in February (‘cause January fitness plans are so cliche).