Michigan Medicine uses simulated phishing to help members of the Michigan Medicine community practice spotting and reporting phishing emails. This initiative is designed to empower staff members to protect themselves and Michigan Medicine against cyber attacks.
Use Report Phishing Button
Members of the Michigan Medicine community are asked to report suspected phishing emails by clicking the Report Phishing button in their Outlook menu bar. Note that this button is not available on mobile devices. If you do not see the Report Phishing button, send the suspected phishing email to ReportPhish@umich.edu.
If You Get a Simulated Phishing Email
- If you report the phish, you'll be notified that you correctly identified a simulated phishing email and thanked for reporting it.
- If you click a link in the message, you will be directed to educational materials and tips to help you learn to identify phishing and other suspicious email.
Educational Materials About Phishing
Materials from Cofense (formerly called PhishMe):
- How to spot spear phishing (video)
- How to check hyperlinks in emails to see the destination URL (video)
- Use different passwords for each account to minimize effects of spear phishing (video)
- Phishing attacks imitate login forms (video)
Materials on the Safe Computing website:
- Don't Fall for Phish! Test your phish detection skills in this
U-Mphishing training. U-M's spear phishing video
- Shared Document Emails Can Be Traps. Shared documents aren't always what they seem.
- Ransomware: Don't Pay the Ransom!
- Phishing Alerts. Recent phishing emails seen at the university and Michigan Medicine.
- Anti-Phishing Education: Simulated Phishing. Includes U-M's self-phishing guidelines and norms.