Your Click Matters: A Look at Our Phishing Campaign Results
July 9th, 2025
Dear Monument Team,
Scammers are getting smarter—and our latest quarterly phishing simulations prove it.
Over the past two quarters, nearly 25% of our global workforce has failed simulated phishing tests conducted by the ITSS team. That’s 1 in 4 employees who clicked on a suspicious link or engaged with a fake phishing email—despite ongoing awareness efforts and mandatory trainings.
These simulations are designed to mirror real-world phishing tactics, which are becoming increasingly difficult to detect. Today’s attackers use AI tools to craft polished, convincing emails that look like they’re coming from trusted sources, including Monument leadership.
Why This Matters
A single click on a phishing link can compromise sensitive data, expose employee credentials, and put our entire organization at risk. That’s why these simulations—and your participation—are so critical.
What You can Do to Outsmart Phishing
- Pause and Verify
If you receive an unexpected email—especially one asking you to click a link, open a document, or enter credentials—verify the sender through a known, trusted method. - Check the Domain
Look closely at the sender’s email address. Attackers often use domains that mimic legitimate ones with subtle changes. - Hover Before You Click
Hover over links to preview the destination. If it looks suspicious or unfamiliar, don’t click. - Don’t Assume It’s Legit
Even if the email looks professional or references a familiar name, treat it with caution. Phishing emails often impersonate leadership or vendors. - Report It
Use the “Report Phishing” button in Outlook or forward suspicious emails to the ITSS Service Desk. You can also reach out to Jose Cevallos, Sr. IT Administrator, for support.
IT Security Training Policy
In accordance with the IT Security Training Policy, failed simulations will result in mandatory training. Multiple failed simulations within the same 12-month period can result in further training being assigned, as well restricted internet access, corrective action, and escalation to senior leadership.
Please take a moment to review the IT Security Training Policy to understand the expectations of all employees regarding quarterly phishing simulations and what happens if phishing simulations are failed.
We’re committed to helping everyone stay ahead of evolving threats. This means continuing to raise the bar in our phishing simulations and continuing to partner with ITSS to provide targeted training to help you recognize event the most convincing scams.
Let’s think before we click and work together to keep Monument Chemical secure.
Chad Nichols
Information Technology Director, Monument Chemical
Categories
Recent Articles
- 06/4/26Unlock the Power of AI at Monument – Join Our Upcoming Summer Sessions!
- 06/3/26Update Your Workday Profile. Unlock Possibilities – and a Chance to Win a Gift Card
- 06/1/26Our Q2 2026 Work Anniversaries — Congratulations!
- 05/29/26Stephen Cundiff Accepts New Role as EHS Manager - Brandenburg
- 05/28/26Monument Houston Earns Eighth Straight Pinnacle Award for Rail Safety
- 05/22/26Monument Engineer Alexandra Bledsoe Featured in CPI Young Professionals Spotlight
- 05/21/26Expand Your Professional Development — Free Continuing Education Opportunities Available
