Introduction
Phishing targets everyone in education: full-time faculty, adjuncts, staff, and student workers. Attackers use believable emails to steal credentials, re-route paychecks, and request fraudulent purchases. You can learn to spot patterns quickly, then report without fear so the whole campus benefits. A fear-free reporting culture speeds incident response, reduces financial loss, and improves community trust. In this workshop you will learn to recognize risky messages fast, report confidently, and reduce real-world impact across classes, departments, and vendors.
- Goal 1: recognize red flags in under 10 seconds.
- Goal 2: report suspicious emails in your client with two clicks.
- Goal 3: know exactly what happens after you report.
Common Risks and Challenges
Phishing tactics keep evolving, which is why simple habits matter.
- 2025 tactics: QR scams (also known as quishing attacks) that push you to scan a code with your phone, MFA fatigue prompts that spam your device until you approve, and consent phishing that tricks you into granting OAuth access to your mailbox.
- Business email compromise: leadership or vendor lookalikes asking for gift cards, invoices, or payroll changes.
- Thread hijacking and lookalike domains: replies inside real threads, or domains that swap letters, like "rn" for "m".
- Privacy concerns and blame: people hesitate after a mistake, which delays containment.
- Alert fatigue: banners and popups become wallpaper and users ignore them.
30-Minute Workshop Agenda (fast, focused, practical)
Minutes 0 to 5, set the tone
- Share the no-blame promise: mistakes happen, and fast reporting limits damage for everyone.
- Explain what to do if you already clicked: do not panic, disconnect from Wi-Fi if possible, and report immediately.
Minutes 5 to 15, recognize
- Live walkthrough of three real examples: a payroll change request, a QR code delivery notice, and a shared document consent screen.
- Point out specific red flags: mismatched sender, unusual reply-to, urgency and secrecy, and unexpected domain.
Minutes 15 to 25, report
- Demonstrate built-in reporting in Gmail and Outlook, and show exactly where the button is.
- Explain what to include: the original message, a one-line note, and the time you received it.
- Describe what happens next: IT triages, blocks similar messages, notifies affected users, and updates patterns.
Minutes 25 to 30, quick quiz and wrap
- One-minute quiz: raise a hand or click a poll for each example.
- Share help channels and office hours for follow-ups.
How To Recognize Phishing, a simple checklist
- Sender checks: compare the display name to the real address, and watch for external or unexpected domains.
- Content cues: urgency, secrecy, and requests for credentials, money, files, or gift cards.
- Links and attachments: hover to preview on desktop, avoid impulse QR scans on your phone, and open known sites directly in the browser instead.
- Authentication signals: unusual reply-to, failed or missing indicators, and new senders using free mail.
- Context test: out-of-hours requests, course or role mismatches, or vendors you do not know.
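The sender and authentication checks above can be run by a triage script over a reported message. This is an added example, not part of the original workshop material or any vendor's code; the trusted domain, the free-mail list, the swap table, and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED = {"campus.example.edu"}  # assumption: your institution's own domains
FREE_MAIL = {"gmail.com", "outlook.com", "yahoo.com"}
SWAPS = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l")]  # visual swaps, e.g. rn for m

def skeleton(domain):
    """Collapse common visual swaps so a lookalike compares equal to the real domain."""
    for fake, real in SWAPS:
        domain = domain.replace(fake, real)
    return domain

def domain_of(value):
    """Lower-cased domain of the address in a header value ('' if absent)."""
    return parseaddr(value or "")[1].rpartition("@")[2].lower()

def red_flags(raw):
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    from_dom, reply_dom = domain_of(msg.get("From")), domain_of(msg.get("Reply-To"))
    flags = []
    shown = re.search(r"[\w.+-]+@[\w.-]+", display)  # address typed into the display name
    if shown and shown.group(0).lower() != addr.lower():
        flags.append("display-name-mismatch")
    if from_dom not in TRUSTED:
        lookalike = any(skeleton(from_dom) == skeleton(t) for t in TRUSTED)
        flags.append("lookalike-domain" if lookalike else "external-domain")
    if reply_dom and reply_dom != from_dom:
        flags.append("reply-to-mismatch")
    if from_dom in FREE_MAIL or reply_dom in FREE_MAIL:
        flags.append("free-mail")
    if "dmarc=pass" not in msg.get("Authentication-Results", "").lower():
        flags.append("auth-not-passing")
    return flags

# Constructed sample messages (not real mail).
PHISH = """\
From: "payroll@campus.example.edu" <payroll@carnpus.example.edu>
Reply-To: hr.updates@gmail.com
Subject: Urgent: confirm your direct deposit today
Authentication-Results: mx.campus.example.edu; spf=fail; dkim=none; dmarc=fail

Confirm your bank details before 5pm.
"""
LEGIT = """\
From: "Registrar Office" <registrar@campus.example.edu>
Subject: Final grade submission window
Authentication-Results: mx.campus.example.edu; spf=pass; dkim=pass; dmarc=pass

Grades are due Friday.
"""
```

Only trust an Authentication-Results header that your own mail gateway added; a copy supplied by the sender proves nothing.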
How To Report Without Fear
- No-blame promise: reporting quickly protects students and colleagues. Speed matters more than perfection.
- After a click: disconnect from Wi-Fi if possible, do not delete the email, and report it right away with a brief note about what you clicked.
- What to include: the original message, the time you received it, and a one-sentence description of what looked suspicious.
- Confidentiality: avoid forwarding student data in new messages, and use the built-in report action so headers and attachments are preserved properly.
- What IT does: triage indicators, block lookalike senders and links, notify affected users, and feed lessons back into filters and training.
Hands-On Exercises
- Spot-the-phish lightning round: three screenshots, choose phish or legit, then debrief the red flags.
- Safe link preview and QR practice: hover on desktop, and on mobile use an approved QR scanner that shows the destination first.
- One-minute reporting drill: practice the exact steps in Gmail or Outlook, that is, find the report button, add a one-line note, and submit.
- Team roleplay: respond to a suspected BEC request, and verify out of band using a known phone number before any action.
Reinforcement After The Workshop
- Microlearnings: monthly tips and 60-second refreshers in the faculty newsletter.
- Peer champions: a point of contact in each department to answer quick questions.
- Feedback loop: share anonymized wins and near misses so everyone learns.
- Metrics to watch: report-to-click ratio, mean time to report, attendance in drills, and participation in office hours.
Recommended Security Features
- Email authentication alignment: SPF, DKIM, and DMARC with reporting, so spoofing attempts are rejected or quarantined.
- Impersonation and anomaly detection: protect executives and vendor workflows with lookalike and behavior analytics.
- Contextual warnings and link analysis: show only targeted banners with clear next steps (view sender, report, learn more).
- Safe message delivery: encryption and DLP for grades, IEPs, transcripts, and financial aid files.
- Admin triage workflows: quarantine queues, bulk user follow-up, and analytics to track trends over time.
How Trustifi Supports Operations, Training, and Culture
Trustifi helps you operationalize this workshop so recognition turns into campus-wide protection.
- Inbound protection: highlights risky sender behavior and suspicious content, including lookalike domains and unusual reply-to patterns.
- Business email compromise and impersonation detection: surfaces high-risk requests like wire changes or gift card asks, so faculty can report with one action.
- Policy-based encryption and DLP: protects student and staff data in transit, and enforces safe delivery when sensitive content is detected.
- Admin dashboards and reporting: show triage status, repeated lures, and who reported first, which reinforces a quick, fear-free culture.
- Simple integrations: works with Google Workspace and Microsoft 365, and streamlines rollout with minimal disruption.
- Post-report workflows: help IT contain threats, notify impacted users, and turn each report into updated rules and awareness content.
Conclusion
You can recognize common phishing patterns in minutes with a clear checklist and practice. A no-blame, fast-reporting culture lowers risk and strengthens resilience across your institution. With the right controls and workflows, individual reports become organization-wide protection.


