Between September 3 & 10, 2025, the KAUST Information Security Department conducted a targeted phishing simulation, themed around Boosting your productivity with Microsoft 365 Copilot.
This simulation email included links encouraging users to click and explore how to use new Microsoft Copilot features in Outlook and PowerPoint. While it may have seemed convincing at first glance, there were several indicators to watch out for if the email is not legitimate.
These simulations are designed to raise awareness and help our community recognize evolving phishing tactics. By staying alert and learning to spot suspicious signs, we can better protect both ourselves and the organization from real-world cyber threats.
đ If youâve clicked on links in multiple recent simulations, youâll be assigned a short online refresher training. Itâs important to complete it as soon as possible to stay informed and better protected.
Indicators of phish
Check the different indicators of the Phishing email in the infographic below.
Think before you click. Report suspicious emails!
Donât just deleteâReport it!
If you ever suspect an email might be phishing, please report it immediately.
Reporting helps the Information Security team quickly detect and block threats, reducing the risk of data breaches. It protects not only your account but also strengthens our defenses across the organization.
Every report counts â it improves our ability to respond to threats, keeping our digital environment safer for everyone.
đ Use your email platformâs âReport Phishingâ button to alert us.
For Outlook users, the icon with the âFishâ
For Gmail users, the icon with the âEnvelope hanging from a fishing hookâ
For any queries, feel free to reach out to the Information Security Department at askinfosec@kaust.edu.sa