Skip to content Skip to site navigation

Phishing Awareness Program

Learn to recognize malicious emails

The Phishing Awareness Program promotes awareness, education, and safety concerning phishing attacks. The goal of the program is to help our Stanford community protect themselves and the university by learning to recognize malicious emails. 

How the program works

The Phishing Awareness Program has three main aspects: phishing simulation emails, awareness communications, and training opportunities.

Phishing simulation emails

The program periodically sends an email to participating audiences that resembles a phishing message.

This method is designed to create a safe, educational environment for a recipient to practice phishing email identification with no penalty to them if a link is clicked. Individual results will never be reported.


Awareness communications

Ongoing awareness resources and communications by the Phishing Awareness Program are designed to keep you in the know.

Training opportunities

A variety of training courses offer you opportunities to learn more.

Use the infographic for quick guidance

Bookmark, download, or print this infographic for an easy reminder on why and how to stay safe:

phishing infographic - details below

Phishing: what you need to know.

Scammers are after your:

  • Passwords
  • Financial info
  • Identity
  • Money

Why do we fall for these scams?

  • Urgency
  • Desire to please
  • Greed
  • Curiosity
  • Complacency
  • Fear

Probability that a phishing message succeeds: 1 out of 10!

Watch out for:

  • Spelling and grammar errors
  • Sender address
  • Things that sound too good to be true

Beware of unsolicited messages:

  • Attachments
  • Links
  • Login pages

If you see something, say something!

Click the image to see full-size version

What to expect with the program emails

Below are the types of emails you can expect us to send or not to send through the Phishing Awareness Program.

Email themes Phishing awareness program​
Holiday and calendar events (Halloween, tax day, etc.) Supported
Usage of the Stanford name and references Supported
Delivery services  Supported
Public safety and pandemic awareness Not Supported
Environmental disasters Not Supported
Actual Stanford organizations, departments, and people Not Supported

Take action

Report a phish

The best way to report is to use the Phish Reporter Button, but you can also forward the suspicious emails to if you cannot use the Phish Reporter Button.

More details on how to report