This simulation was designed to assess and improve your organization’s ability to recognize and respond to phishing attempts, which remain one of the most common social engineering methods used by threat actors to compromise enterprise systems.

You received and interacted with a simulated phishing email. Clicking the link brought you to this landing page to raise awareness and provide actionable guidance on identifying suspicious messages in the future.

Responding to phishing attacks requires extra caution both before and after you’ve been targeted or potentially compromised.

Before you're targeted:

• Be cautious of unsolicited emails, texts, or messages – especially those with unexpected links or attachments.
• Stay alert to the evolving tactics used in phishing attacks – attackers constantly change their methods to appear legitimate.

• Learn to recognize common phishing red flags, such as urgent demands, suspicious links, typos, or unexpected requests for sensitive information.

   

If you suspect a phishing attempt:

• Don’t click any links or download attachments from suspicious emails.
• Verify the sender – use a known or publicly available phone number or email address to confirm the message is legitimate.
• Never scan or interact with unverified QR codes.

• Report it – send any suspicious emails as an attachment to cirt@utmb.edu for review.

   

If you fall for a phishing attack:

• Immediately change passwords for any potentially compromised accounts.
• Have your computer or device scanned for malware or suspicious activity.

• Act quickly — early reporting helps protect others and limit the impact. Contact cirt@utmb.edu to report a security incident. 

   

Thank you for being security aware.