Enhances staff awareness among employees about how phishing attacks work and the tactics used by attackers, making them more vigilant.

Identifies which employees or departments are more vulnerable to phishing, allowing targeted security training.

Regular testing with simulations can improve the speed and effectiveness of the response from both individuals and security teams to actual phishing attempts.

Reduces the risk of data breaches

All of the Above

Open the email and follow any instructions it contains.

Delete the email immediately without reporting it.

Report the email via Report Phish button in your UNSW O365 mailbox.

Forward the email to your colleagues to warn them.

65-80%

30-50%

15-25%

2-5%

Phishing click rate

Phishing report rate

All of the above

MyIT (myit.unsw.edu.au)

MyCyberHub (cybergovernance.unsw.edu.au)

MyUNSW (my.unsw.unsw.edu.au)

The reported phishing email automatically creates an IT service ticket and assigns it to the Security Operations Team to investigate.

The reported email is automatically sent to the Proofpoint Phish Analyser, which validates a dangerous phishing campaign with high accuracy.

The Security Operations team determines whether the reported phishing email is dangerous and has technology to remove/quarantine the validated phishing email from mailboxes of other recipients of the email.

All of the above.