An image of a ninja with a fishhook planted in some guy's computer

As part of the SUNY Broome ITS Security Awareness Training Campaign initiative, ITS is sending out this notification as a reminder of its Phishing Simulation Campaign for 2021. 

  • Each month sees over 87,000 unique phishing campaigns targeting over 50,000 websites and organizations. 
  • Phishing played a role in over 90% of security incidents and breaches that involved human error. 
  • Currently, there is no technical means to stop phishing. This means that user awareness training and real-world exercises are the best methods of prevention.

SUNY Broome has previously run self-hosted phishing simulation campaigns through KnowBe4, as well as SUNY-led phishing campaigns via SUNY SOC. In 2021, these simulations will be run on a monthly basis for all Faculty & Staff. Students are excluded from these simulations. The first phishing simulation will be announced, and reminders will be published quarterly, but other months, phishing simulations will run unannounced. 

The purpose of this campaign is purely educational. All results are anonymous and confidential. No managers will have access to the data results of their employees. This exercise and the results therein will not be used to reprimand, punish, embarrass, shame or otherwise disparage any participant at any time, in perpetuity. Users who fail the exercise by submitting their credentials will be immediately notified of the exercise. Users who repeatedly fail the phishing simulation will be offered additional security training. No persons shall be targeted for individual, personalized phishing simulations, i.e. Spear-Phishing.

Employees can access annual security awareness training materials through, and supplemental awareness materials will be provided on a regular basis. Learn how to recognize and avoid phishing scams on the FTC’s Privacy, Identity & Online Security webpage.

Please report all suspicious emails, phishing and other cybersecurity incidents to All feedback, questions and comments are welcome.

How to Recognize and Avoid Phishing Scams

Privacy & Identity Online Security

Submitted by: ITS