Backend Lead
I am an undergraduate student at ODU going for my bachelors in Computer Science. I plan on pursing a career in Software Engineering after I graduate. Most of my training in coding has been in C++, but I do have experience in Java and Python."
Database Lead
Ralph Mpanu is a senior at ODU and is majoring in Computer Science. After graduating he plans on working as a software engineer. He enjoys fitness and practicing brazilian jiu-jitsu.
Webmaster
Joshua Freeman is a Senior at ODU and is majoring in Computer Science. He likes to read and play video games.
Team Mentor
Mustafa Ibrahim is a PhD student at ODU, specializing in Computer Science with a focus on Cybersecurity, particularly in Networking Security. He also enjoys playing soccer.
Frontend Lead
Ethan Barnes is another Senior at ODU, studying Computer Science. He is currently working at a flour mill as a Second Miller. He enjoys reading, the outdoors, and discovering new things. He has three children."
Team Leader
Hunter Pollock is a Senior at ODU currently studying and majoring in Computer Science, with the goal of getting a Master's degree in the graduate program. He enjoys playing video games, good food, listening to music, and learning about programming
Universities do not have the resources available to properly teach their students to identify and avoid phishing attacks.
Phishing is becoming more and more common in the modern world.
Over 3.4 billion phishing emails are sent a day, and email phishing accounts for 1.2% of all email traffic globally!
84% of organizations [of all kinds] were the target of at least one phishing attack.
Education industries (such as universities) make up 9.3% of these attacks.
That might not sound like much at first, but that’s 316,200,000 emails per DAY targeted at educational institutions!
Universities, as stated before, are some of the most vulnerable institutions in terms of phishing attacks. California State University would know.
82 student accounts of theirs were compromised in Q2 of 2023, up from almost zero at the beginning of 2021.
These attacks pose as either threatening to shut down access to important services like email accounts or offering students jobs with very enticing pay.
The second one especially is tempting, as many newer students need the money to support themselves, especially those who moved to live near the university (especially those from out of town and/or state).
Don’t think it’s just them either: The scam is present throughout most universities, as it’s very tempting for newer students and others who might not be as aware of the tells of phishing scams. For example…
It’s becoming more and more clear students and faculties at these universities do not have the proper training required to discern phishing scams from legitimate emails
The average click rate for a phishing attack is 17.8%, going to to 53.2% for more targeted spear phishing attacks!¹⁶
As well as all this, educational facilities have been reported to be some of the most likely to fall for phishing attacks, opening the emails 27.8% of the time! It’s becoming more and more of an issue, and educational institutions like universities are some of the most vulnerable entities out there.
Universities need a proper way to train their students so that they don’t bite the hook.
Lack of Hands-On Experience: Students and non-technical university personnel may lack the practical experience in identifying and avoiding phishing attacks.
Outdated Technology: Due to a lack of resources universities often have to use outdated or inadequate technology infrastructure making it difficult to implement anti-phishing measures.
Resource Constraints: Universities face resource constraints which can hinder implementing comprehensive phishing training programs.
Scalability: Universities may encounter challenges in scaling their training initiatives to accommodate a growing student population.
Phisecure provides a customized training software solution, developing phishing simulations over a variety of platforms tailored to the user.
The methods used during the simulation will be reported and explained in detail to the user. Creating a thorough training process to help them identify phishing threats.
Phishing Simulation
Inputs given by the user will be used to generate unique phishing attacks.
Sends messages through Email, Text, and Chat API used by their workplace.
Provide feedback recorded from the simulation
Reports to the user if they succeeded or failed, demonstrating the red flags they should have noticed.
Generates a threat assessment from the overall results after a period of training.
Phisecure’s goal is to collaborate with universities to offer a unique educational experience. With the Phisecure tool, Universities can provide a solution to teaching employees how to identify and avoid phishing scams.
Phishing- The fraudulent practice of sending emails or other messages purporting to be from reputable companies to induce individuals to reveal personal information, such as passwords and credit card numbers.
User Interface(UI)- The means by which the user and a computer system interact, in particular the use of input devices and software.
Open Source- This is software in which the original source code is made freely available and may be modified.
Malware- Software that compromises the operation of a system by performing an unauthorized function or process.
Ransomware- A malware designed to deny a user or organization access to files on their computer.
Attack- An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity.
“Top 10 Costs of Phishing - Hoxhunt.” RSS, www.hoxhunt.com/blog/what-are-the-top-10-costs-of-phishing Accessed 7 Feb. 2024.
Irwin, Luke. “51 Must-Know Phishing Statistics for 2023: It Governance.” IT Governance UK Blog, 19 June 2023, www.itgovernance.co.uk/blog/51-must-know-phishing-statistics-for-2023.
Stansfield, Todd “Q3 2023 Phishing and Malware Report.” Q3 2023 Phishing and Malware Report, Vade 15 Nov. 2023, www.vadesecure.com/en/blog/q3-2023-phishing-malware-report
"Cloudian Ransomware Survey Finds 65 Percent of Victims Penetrated by Phishing Had Conducted Anti-Phishing Training." Cloudian, Victims Penetrated by Phishing Had Conducted Anti-Phishing Training (cloudian.com)
Rezabek, Jeff. “How Much Does Phishing Cost Businesses?” IRONSCALES, IRONSCALES, 24 Jan. 2024, ironscales.com/blog/how-much-does-phishing-cost-businesses.
Must-Know Phishing Statistics - Updated for 2024: Egress.” Egress Software Technologies, Egress Software Technologies, 19 Jan. 2024, www.egress.com/blog/phishing/phishing-statistics-round-up.
Sheng, Ellen. “Phishing Scams Targeting Small Business on Social Media Including Meta Are a ‘gold Mine’ for Criminals.” CNBC, CNBC, 15 Aug. 2023, www.egress.com/blog/phishing/phishing-statistics-round-up.
“Cybersecurity Training and Certifications.” Infosec, www.infosecinstitute.com/. Accessed 10 Feb. 2024.
Hoxhunt for End Users, Infosec, http://support.hoxhunt.com/hc/en-us/categories/360000079772-Hoxhunt-for-end-users Accessed 10 Feb. 2024.
KnowBe4. “Security Awareness Training.” KnowBe4,http://www.knowbe4.com/ Accessed 10 Feb. 2024.
Steves, Michelle, et al. “Categorizing Human Phishing Difficulty: A Phish Scale.” OUP Academic, http://academic.oup.com/cybersecurity/article/6/1/tyaa009/5905453 Accessed 10 Feb. 2024.
Nice Challenge Project, http://nice-challenge.com/ Accessed 10 Feb. 2024.