Texas A&M University
Technology Services

"See a Fake?"
Phishing Campaign

About

In September 2019, the Texas A&M Division of Information Technology ran a campaign to educate the campus community on how and why to report phishing emails. The “See a Fake” campaign focused on communicating the complex idea of phishing (someone pretending to be someone else via email) by demonstrating the same concept using humor and highly-recognizable items or traditions from Texas A&M University, including mascot Reveille, a student Sports Pass, the Aggie Spirit bus, and the Aggie Ring. Using humor and Aggie-themed images, we hoped to grab our audience's attention long enough to impress upon them the importance of reporting phishing emails.

See a Fake Phishing Campaign

Our overall campaign was successful, leading to an 84.6% increase in help desk tickets reporting phishing attempts. Notably, our emails performed exceptionally well, with an average open rate of 40%, more than double the industry average.

Email

Informational emails were sent to all Texas A&M students and employees to inform them how to report a phishing email, why reporting is important, and give tips on identifying phishing emails. These emails performed over twice as well as industry average, with an average of 40% open rate (Constant Contact, Mailchimp).

Email with a fake Reveille header image

Signage

Physical Signage

Physical signage was utilized in computer labs across campus. We installed 3 poster series in 7 labs and smaller double-sided “monitor cards” were placed by computers. In the staffed labs alone, there are 1,035 workstations, 6 computer classrooms, and 2 study rooms that draw in students all year.

Posters with the same design but different fake-Aggie items telling people to report phishing emails to helpdesk@tamu.edu.

Digital Signage

Digital Signage was created to spread the message in even more locations, including Help Desk Central, the main customer-facing branch of the Division of IT.

Large digital screen in Help Desk Central displaying the Creepy 'white van' in your inbox? sign.

Links to digital signage available for download to use on signage across campus was sent out to IT professionals and the campus digital signage mailing list. By sending out our signage, we were able to get our message out to more places on campus, including campus libraries.

Social Media

Social media posts were written to be shared on Division of IT platforms during the month of September to promote reporting phishing emails to helpdesk@tamu.edu.

Posts on Facebook, Instagram, and Twitter.

Web Content

To help address the "why" of reporting, we designed an infographic that explains how the Division of IT works to protect campus inboxes. This was shared on social media in a news story explaining why reporting phishing attempts is important.

The Division of IT scans inbound email for malware, viruses, spam and phishing to keep as many malicious emails from TAMU inboxes as possible.

Additional resources were made available on our website, including an updated Safe Computing Guide toolbox with tips on what to do if or when you receive phishing or spam emails.