Phishing Awareness Program
The Phishing Awareness Program promotes awareness, education, and safety concerning phishing attacks. The goal of the program is to help our Stanford community protect themselves and the university by learning to recognize malicious emails.
How the program works
The Phishing Awareness Program has three main aspects: phishing simulation emails, awareness communications, and training opportunities.
Phishing simulation emails
The program periodically sends an email to participating audiences that resembles a phishing message.
This method is designed to create a safe, educational environment for a recipient to practice phishing email identification with no penalty to them if a link is clicked. Individual results will never be reported.
Awareness communications
Ongoing awareness resources and communications by the Phishing Awareness Program are designed to keep you in the know.
Training opportunities
A variety of training courses offer you opportunities to learn more.
Use the infographic for quick guidance
Bookmark, download, or print this infographic for an easy reminder on why and how to stay safe:

Phishing: what you need to know.
Scammers are after your:
- Passwords
- Financial info
- Identity
- Money
Why do we fall for these scams?
- Urgency
- Desire to please
- Greed
- Curiosity
- Complacency
- Fear
Probability that a phishing message succeeds: 1 out of 10!
Watch out for:
- Spelling and grammar errors
- Sender address
- Things that sound too good to be true
Beware of unsolicited messages:
- Attachments
- Links
- Login pages
If you see something, say something!
Click the image to see full-size version
What to expect with the program emails
Below are the types of emails you can expect us to send or not to send through the Phishing Awareness Program.
Email themes | Phishing awareness program |
---|---|
Holiday and calendar events (Halloween, tax day, etc.) | Supported |
Usage of the Stanford name and references | Supported |
Delivery services | Supported |
Public safety and pandemic awareness | Not Supported |
Environmental disasters | Not Supported |
Actual Stanford organizations, departments, and people | Not Supported |
Take action
Get help
Report a phish
The best way to report is to use the Phish Reporter Button, but you can also forward the suspicious emails to phishing@stanford.edu if you cannot use the Phish Reporter Button.