What is phishing?

Phishing is a type of social engineering attack often used to steal data (e.g. login credentials and credit card numbers) or compromise computer networks.

What is phishing?

Phishing is a type of cybercrime that involves tricking people into giving away sensitive information, like passwords or credit card numbers, through fake emails or websites.

View Options Again

A type of fish commonly found in rivers and streams A method of encrypting data to protect it from unauthorized access A type of cybercrime that involves tricking people into giving away sensitive information through fake emails or websites A software program used to secure computer networks

What should you do if you receive a concerning email?

If you ever suspect an email is malicious, err on the side of caution. Report the email to your IT or Security team for analysis.

View Options Again

Click links to verify their authenticity Report the email to your IT or Security team Forward the email to your colleagues Respond to the email and wait for a reply back

Why is Phishing so common?

Cyber criminals love phishing, because it's relatively low risk, difficult to trace, highly effective, commonly yields high rewards and there's no shortage of potential targets.

Phishing is relatively easy for scammers to carry out. They can use automated tools to send out large numbers of phishing emails and create fake websites that look convincing. This means that they can potentially reach a large number of people with minimal effort.

Phishing attacks can be very effective. Many people are not aware of the risks and may unknowingly give away their personal information. This is especially true for phishing attacks that mimic legitimate websites or emails, as people may not realize that they are being tricked.

Phishing attacks are often difficult to trace, as the scammers may use multiple layers of fake identities. This makes it difficult for authorities to track down the perpetrators. There is also often a low risk of being caught or punished for phishing, as it can be challenging for law enforcement to identify and prosecute the individual.

Is the following statement True or False:
If you receive an email with urgent or threatening language, you should do what it asks.

If you suspect an email is malicious in nature, you should never click on any links, download any attachments, or respond to the email. Instead, report the email to your IT or Security team.

View Options Again

True False

Learn how to spot the Phish

Look out for urgency in email subjects, fraudulent sender addresses or requests to perform an action.

Compose

Folders

Inbox 6
Starred
Draft 3
Sent Mail
Spam
Trash

[URGENT] Claim Your Work From Home Set-Up Payment

Human Resources ( human-resources@webnotifications.net )to john.doe@mybusiness.com

Dear John,

Claim Your Work From Home Set-Up Payment

Our company acknowledges that we are all working from home for a longer period and is offering a one-time payment to all employees of $1500.00 USD to ensure that you have a suitable home working set-up.

To receive the payment via payroll, you will need to complete this acknowledgement form .

For more information on how to set up your home office space safely, please look at the:
https://www.workingfromhome.hr/arragements/concur/apps/track

Thank you,
The Human Resources Team

***This is an automatically generated email, please do not reply***

What are some indicators that an email is malicious?

Cyber criminals will often use spoofed sender addresses and urgency to try and bypass critical thinking and make an email seem trustworthy. They will then also commonly request personal information or request you to perform an adverse action.

View Options Again

Urgency in email subject Requesting personal information Fraudulent or spoofed sender address All options are correct.

Do you know what the best defense against phishing is?

It's us! We should always be skeptical of any unsolicited emails or messages until we can verify the legitimacy of the sender and the request itself. This is especially relevant for any email asking you to perform a sensitive task.

What is the most effective way to protect yourself from phishing attacks?

While antivirus software and a VPN may assist in protecting against phishing attacks, the most effective way to protect yourself is with a security-first mindset. Remain skeptical of any unsolicited emails or messages until you can verify their legitimacy through an alternate channel.

View Options Again

Install antivirus software on your computer Use a virtual private network (VPN) when browsing the internet Remain sceptical of any unsolicited emails or messages you receive Share your personal information on social media sites

You get an email from a website you use that asks you to renew your password. You should:

Where possible, we should avoid trusting content listed in an email. If we're able verify information through an independent mechanism such as visiting a known website manually, we should do it.

View Options Again

Reply to the email to confirm that you really need to renew your password. Click the link in the email and enter your new password in the website it takes you to. Manually go to the vendors website through regular channels to verify if the request is real. Call the support team to verify the request, using a phone number listed in the email.

Is the following statement True or False:
Phishing can only be conducted over email.

Phishing can be conducted over a variety of different channels, including but not limited to text messages, phone calls, advertisements or through communication platforms like Skype, Facebook, WhatsApp, etc.

View Options Again

True False

Everyone is a target

Cyber criminals target everyone from Executives to IT admins, to HR staff, to Finance and Procurement. Anyone with an email address or phone number is a potential target for phishing attacks.

Use your gut

If an email seems off for any reason. Maybe it's a service you hardly use, an individual you rarely interact with, or a request that seems strange. Apply an extra level of rigour. Do an external validation by typing the domain into Google, ask a friend or colleague for a second opinion. But if in doubt, report the email to your IT or Security team.

Stay internet safe

Cyber criminals often use information from previous breaches to conduct further attacks. Avoid re-using passwords, and if you think your email address or password may have been compromised in a breach, err on the side of caution. Change your password.

What is phishing?

What is phishing?

Phishing is a type of cybercrime that involves tricking people into giving away sensitive information, like passwords or credit card numbers, through fake emails or websites.

What should you do if you receive a concerning email?

If you ever suspect an email is malicious, err on the side of caution. Report the email to your IT or Security team for analysis.

Why is Phishing so common?

Is the following statement True or False: If you receive an email with urgent or threatening language, you should do what it asks.

If you suspect an email is malicious in nature, you should never click on any links, download any attachments, or respond to the email. Instead, report the email to your IT or Security team.

Learn how to spot the Phish

What are some indicators that an email is malicious?

Cyber criminals will often use spoofed sender addresses and urgency to try and bypass critical thinking and make an email seem trustworthy. They will then also commonly request personal information or request you to perform an adverse action.

Do you know what the best defense against phishing is?

What is the most effective way to protect yourself from phishing attacks?

While antivirus software and a VPN may assist in protecting against phishing attacks, the most effective way to protect yourself is with a security-first mindset. Remain skeptical of any unsolicited emails or messages until you can verify their legitimacy through an alternate channel.

You get an email from a website you use that asks you to renew your password. You should:

Where possible, we should avoid trusting content listed in an email. If we're able verify information through an independent mechanism such as visiting a known website manually, we should do it.

Is the following statement True or False: Phishing can only be conducted over email.

Phishing can be conducted over a variety of different channels, including but not limited to text messages, phone calls, advertisements or through communication platforms like Skype, Facebook, WhatsApp, etc.

Everyone is a target

Use your gut

Stay internet safe

Is the following statement True or False:
If you receive an email with urgent or threatening language, you should do what it asks.

Is the following statement True or False:
Phishing can only be conducted over email.