I'm excited to share the results of our latest phishing campaign with you. The campaign email was sent to 83 staff members and consultants, and I'm pleased to announce that there were zero QR Code scans, which means our phish-prone percentage is an impressive 0.0%! Fantastic job, everyone!

As part of our ongoing efforts to enhance our cybersecurity awareness and resilience, we will continue to conduct phishing simulation campaigns. These simulations are designed to coincide with actual staff activities and events to better prepare us for real-world scenarios.

Please follow the tips below to avoid falling for a faulty email. Thank you all that recognized and reported these types of spam/phishing emails. As always do not hesitate to click the Phish Alert Button or forward any emails as attachments to helpdesk@acord.org if unsure of its authenticity.

1. EXT – External Email Indicator. Be extra vigilant when you receive an email with an EXT in the subject.
2. Unfamiliar Email Address. Confirm if you’ve received email from this sender previously.
3. External Email Caution Banner. Be extra vigilant when receiving an external email.
4. Be wary of QR Codes. Do not scan QR codes in emails you were not expecting especially if they urge you to act.
5. Stop and Think. Does this look like a typical IT notification email? If not sure, click “Phish Alert” and confirm with IT.
6. If viewing from a cell phone, wait until you’re at your computer to help validate the email. If unsure, click “Phish Alert” and confirm with IT.