Recently, a number of colleges and universities have organized phishing email network security drills, and the results show that a considerable proportion of teachers and students in some colleges and universities have been recruited.
For example, Taiyuan Institute of Technology WeChat *** reported on December 18 that the institute carried out a special drill for phishing emails in the education system in 2023 from December 1 to 7, 2023, and simulated hackers sent the theme of "Notice on the upgrade of the school's OA system" and "Notice of remote login of the account of the education management system platform" to the teachers and students of the college A total of 19,676 phishing emails were sent, 2,737 teachers and students read the emails, and 1,370 teachers and students were recruited, with an overall reading rate of 1391% and 50% of the winning rate05%。
According to the Taiyuan Institute of Technology, according to the evaluation and comparison of the drill data of the teacher group and the student group, the reading rate of phishing emails is 18 for teachers24%, 13 students62%, phishing emails are more confusing, especially deceptive, and easy to attract the attention of teachers and students;Phishing emails recruit teachers 2675%, 52 students17%, teachers and students' ability to identify phishing emails needs to be improved, especially when students are more likely to be tricked when faced with inducing "prompts". Judging from the overall situation of the drill, the safety awareness of teachers and students is relatively weak, and there are great potential safety hazards. In the case of many flaws in the content of the phishing emails, there are still a large number of teachers and students who click on the link multiple times to submit data, and do not identify the phishing emails** and run phishing attachments from unknown sources. It can be seen how inducing the fishing ** is!Students must keep their eyes open and carefully check the domain name and the link in the email.
From December 7th to 10th, Yangtze University also held a "phishing email" attack and defense drill for all teachers and students. The drill data shows that under the inducement of highly confusing emails, as of 20 o'clock on December 9, a total of 5,141 emails were sent in this phishing drill, and 463 people read the emails, accounting for 9% of the total number of people, of which 265 people clicked on the email link, accounting for 572%, 201 people submitted personal data (73 teachers, 128 students), accounting for 434%。
According to the school, judging from the feedback from the drill activities, the "phishing email" link open rate and personal information data submission rate are high, and the awareness of network security prevention among teachers and students needs to be improved urgently. However, some careful teachers and students found that there are many vulnerabilities in "phishing emails", such as administrator email spoofing, domain name error, organization name spoofing, link camouflage, etc.
In addition, according to the news released by Nanjing University on December 17, in order to enhance network security awareness and protect the information security of teachers and students, the university organized a cybersecurity drill for phishing emails. In this exercise, most of the teachers and students saw through the "disguise" of phishing emails and actively gave feedback and reports to the information center, which fully reflected everyone's good awareness of network security, but some teachers and students were not spared.
A total of 51,092 emails were sent by Nanjing University in this exercise, of which nearly 2 5 teachers and students opened the email, more than 1 10 teachers and students clicked on the link, and nearly 1 20 teachers and students submitted data. In the group of doctoral students, master's students, and undergraduate students, there are ...72% clicked on the link08% of the respondents submitted data, and the master's student group was more vigilant.
According to Southwest Jiaotong University, from December 1 to December 13, the school quietly carried out a special drill for phishing emails throughout the school, formulated four email themes, and sent a total of 57,629 phishing emails. In this exercise, 10,950 teachers and students read the email, and 6% of teachers and students were recruited. Some teachers and students have seen through the "tricks" of phishing emails, reported suspicious emails through service groups and other channels, reminded people around them not to be fooled, and even reported the sending email address to the domain name provider.
*: The Paper.