» Phishing

hands typing on laptop

What is Phishing?

"Phishing" is a social engineering technique used to trick users into providing their personal information such as usernames, passwords, credit card details and social security numbers by pretending to be a trustworthy entity.

It often uses forged or look-alike email addresses and compromised websites that mimic the  look and feel of the legitimate websites.

Phishing emails can be used to compromise an individual’s personal information or an Institution’s infrastructure and proprietary information.

The term is a homophone of “fishing” due to the similarity of using a bait in  an attempt to catch a victim. A list of the recent phishing emails we received can be viewed at www.chapman.edu/security


Toggle Section

How to Spot a Phishing Email


Toggle Section

What to do if I:


Toggle Section

Chapman's Online Training and Awareness Program

Chapman's Online Training and Awareness Program consists of video modules and simulated phishing emails. The goal of this program is to help our users better protect both Chapman University’s sensitive information and their own.

Phish-Train approach. Here is an outline of how a Phish-Train cycle works:

First a simulated phishing email is sent to Staff and Faculty. The users who click on the link will be enrolled in an online training and will immediately receive an email notification.

Starting March 1st, 2019, the users who entered data as a result of a simulated phishing email will have their passwords reset. If you entered data in a simulated phishing email, you can contact the ServiceDesk at extension 6600 or visit password.chapman.edu to reset your password.

The program follows Information Security Industry best practices and has been created by the offices of Human Rescources and Information Security. 

A Steering Committee comprised of key members from the following departments: Internal Audit, Financial Services, Human Resources, Information Systems and Technology and Chapman University's Office of the Provost manage and monitor this program.

If you would like to be enrolled in the free, self-paced Online Training and Awareness program, please send an email with the subject “Enroll me in the training and Awareness Program” to infosec@chapman.edu

Online Training and Awareness Program FAQ's


Toggle Section

Phishing Resources

If unsure about an email you received, send an email with your questions to abuse@chapman.edu.

For any questions regarding Phishing Simulation/Phishing Simulation training please contact infosec@chapman.edu.

View phishing email examples (listed under the "Latest Phishing Emails" section on that page).