Phishing attacks were responsible for $3.2 billion dollars in losses during 2007 and the number of attacks is increasing daily. According to the United States Computer Emergency Readiness Team, phishing was the top security threat during the first quarter of 2007, comprising 48% of all reported incidents. The purpose of this study was to identify the level of student awareness related to specific phishing tactics. Findings revealed that while students are unlikely to provide personal information in response to an email request, they can be easily tricked by numerous other tactics. This paper reports the findings of the study in addition to listing suggested points to include in classroom discussions on phishing. Education is the most powerful tool available for combating the growing phishing security threat and student vulnerability.