Scribd
Upload
120 views36 pages

Phishing Awareness Training Guide

The document provides an overview of various phishing scams, including email phishing, spear phishing, smishing, and vishing, along with strategies to protect against them. It emphasizes the importance of strong passwords, multi-factor authentication, and being cautious with personal information. Additionally, it discusses the risks of wire fraud and the need for verification in financial transactions.

Uploaded by

ekegoodness040
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
120 views36 pages

Phishing Awareness Training Guide

The document provides an overview of various phishing scams, including email phishing, spear phishing, smishing, and vishing, along with strategies to protect against them. It emphasizes the importance of strong passwords, multi-factor authentication, and being cautious with personal information. Additionally, it discusses the risks of wire fraud and the need for verification in financial transactions.

Uploaded by

ekegoodness040
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd

Security Awareness

Training

wizer-
[Link]
Phishing
Whefi sc6mmers
FOOL YOU to thifik
they 6re someofie
you trust ifi order to
m6ke you DO
SOMETHING
7 Types of Phishing Scams
You Should Know About
Email Phishing Scams

It m6y look like6fi


em6il fromyour
b6fik, P6yp6l,
Google, Am6zofi,or
evefi your CEO
Spear Phishing Scams

This is whefi they t6rget


you specific6lly. They
h6ve rese6rched you,
they kfiow your f6mily
members, where you
work, 6fid who is your
boss. The ch6fices of
foolifig you 6re higher.
Smishing Scams

These 6re text mess6ge phishifig sc6ms.


Crimifi6ls kfiow people respofid to text 6fid
ifist6fit mess6ges f6ster th6fi em6il.

Lookalike Contacts. Generic Contact


1 Name is similar to Trusted Contact
role.
2 Message conveys sense of urgency
and fear.
3 Lookalike URL. Scammers buy
lookalike domains similar to, but
different from, the real company site.
Google Search Scams
You m6y be surprised, but some of the top
se6rch results ifi Google 6re phishifig lifiks.
Sc6mmers 6lso ifivest ifi se6rch efigifie
optimiz6tiofi 6fid work h6rd to r6fik their
sc6m sites ifi the top se6rch results.

Search Result Shows Brand


1 Title displays correct brand name

URL Mismatch. Title says Venmo but URL


2
is a generic [Link]

2nd Result for Organic Search


3 Even top search results can
be manipulated for fake sites
Social Media Scams

Soci6l medi6 is full


of f6ke 6ccoufits.
It could 6lso be 6 f6ke
6ccoufit with the s6me
fi6me 6fid photo 6s ofie
of your re6l friefids th6t
will l6ter try to sc6m you.
QR Code Scams
Who thought 6 QR code
could be d6figerous?

They 6re everywhere, especi6lly ifi


rest6ur6fits. Crimifi6ls c6fi pl6ce their
owfi sticker over the legitim6te ofie.
So th6t whefi you sc6fi it, you will be
redirected to 6 f6ke site.

Real URL
1 Add legitimacy to ad

QR Code. Hides actual URL that


2 directs to a fake site
Vishing Scams

Vishifig (voice phishifig) is 6


type of phishifig 6tt6ck
m6de over the telephofie.
Sc6mmers c6fi spoof 6
phofie fiumber th6t looks
idefitic6l to 6 kfiowfi
fiumber, like your b6fik.
What Helps Protect You From Phishing Attacks?
If it’s urgent, don’t let the emotions cloud your judgment

Call and verify! - Verify that you are talking to the


correct person
Check the address - Always check the email
address and URL for spelling mistakes

Policy Awareness Gap

Look at the style of the

message Ask Questions


How Long Will it Take to Crack Your Password

7 characters 1 minute

8 characters 1 hour

9 characters 3-4 days

10 characters 7 months

11 characters 40 year

12 characters 2000 years

Passwords include - Lowercase, Uppercase and


Numbers
Passwords
How To Create a Strong Password:

Passwords need to be LONG!

Use a phrase (NO personal info like


your name or B-Day)

DON’T reuse passwords!


However…

11 BILLION Accounts were stolen from


hacked sites and apps.

So even if you have a STRONG


PASSWORD, it may still not be enough.

You can check if yours was


leaked at [Link]
And That is Why You should Enable
Multi-Factor Authentication

This will help to protect


your 6ccoufit if your
p6ssword w6s stolefi or
le6ked ifi 6 d6t6 bre6ch.
What Type of Multi-Factor
Authentication to use?

Most common is text based


(SMS), but it’s the least secure
It’s better to use authenticator apps
like Google or Microsoft Authenticator

Or even better yet, a physical USB


key
Malware
Ransomware

Whefi crimifi6ls h6ck your


computer or fietwork, lock
you out, 6fid dem6fid 6
r6fisom to let you b6ck ifi.
How to Avoid Ransomware

Don’t download files from random websites

Beware of phishing emails with


attachments (See phishing section)
Don’t use your company email or password
for personal stuff
Don’t store password in text files
or spreadsheets
Voice Cloning and Deep Fake
What is Voice Cloning

A mere 5-secofid s6mple of your voice from soci6l medi6 is efiough


to clofie your voice 6fid impersofi6te you over the phofie.

How do criminals use this?

You receive 6 phofie c6ll from someofie pretefidifig to be your child,


cl6imifig they're ifi trouble 6fid fieed mofiey - but it's fiot re6lly them.

You get 6 c6ll from someofie impersofi6tifig


your boss, 6skifig you to wire mofiey - but
it'sfiot 6ctu6lly your boss.
How to avoid scammed by Voice Cloning

Establish a “Family Safety Word” that


only your family knows to confirm
identity in case of emergencies.

If you receive a suspicious call,


hang up and contact the person
directly.

Use an alternative method, such as a


text message or email, to verify their
identity. Don’t trust a voice just because it
sounds familiar.
Let’s Be Real — DeepFakes Are Getting Scary Good!

It’s fiot 6bout squifitifig 6t


pixels or 6fi6lyzifig lightifig.
Forget tryifig to CSI every
video fr6me.

The Re6l Questiofi:


Who’s sharing this?
The Playbook for Spotting DeepFakes

Check the Source


Is this from the original creator, or
just someone re-sharing it for clout?

Ask the Agenda Question


What’s in it for them? Are they
pushing a narrative, selling
something, or stirring up drama?

Pro Tip: Start treating “Agenda”


and “Source” as the new
metadata for everything you
consume.
ChatGPT And Similar Apps
Tips For Using AI Tools Securely

Be aware there are many fake AI apps and browser


extensions out there that claim to be AI tools, but
they are actually malware or phishing scams.

Never enter any sensitive info or PII when using


AI tools, it puts our data at risk.

Remove any mentions of our organization, people


or customers before using it.

Always consult with the IT Team before using


anything for work-related purposes.

REMEMBER: AI doesn’t really understand the question!


Protect Your Mobile Device
Limit Apps From Collecting Your Data

Disable Individual Apps From Tracking You

Disable Apps From Tracking You Even When


You Are Not Using Them

Find Out If You Are Sharing Your Location With


Friends

Avoid Using a Simple PIN to unlock your phone

Step by step guide ofi how to do this:


[Link]/citizefis/s6fegu6rd-your-priv6cy
Data Leaks

Share Google Docs carefully — avoid giving "Editor"


access to everyone and set expiration dates for
external sharing.

Remove PII before using ChatGPT or any external AI


tool.

Avoid unauthorized plugins — they can track your


browser activity.
Hey!
Why use this PowerPoint
when you can assign
these training topics &
more for FREE?

Cre6te 6 Free Accoufit!

[Link]
Our Approach

Training your organization


doesn't have to be
boring.

We make security
awareness training simple,
fun, and effective with 1-min
videos + micro-learning. Your
learners are going to love it!

Cre6te 6 Free Accoufit!

[Link]
Wire Fraud
What is Wire Fraud?

It’s whefi you’re tricked ifito wirifig mofiey to 6


fr6udulefit b6fik 6ccoufit. For ex6mple:

An urgent request to wire money from a criminal


who impersonates your CEO through hacking
your CEO’s email account.

They hacked one of your vendors and sent you


an invoice with fake bank information.

If you’re tricked ifito wirifig mofiey to 6 fr6udulefit b6fik 6ccoufit, the


b6fik m6y fiot be there to help you. After 6ll, it’s you who
tr6fisferred the mofiey, fiot the crimifi6l.
How to Avoid Wire Fraud

Call and verify any money Request

Call a known number that you used before or


from the vendor management system

Verify that the bank info match the one on


file

Call and verify any request to change info on


file, like phone number, address or bank info
MFA Guide, Family guide, Online
shopping guide, Wire fraud kit

How to Avoid Wire Fraud

Family Online Safety Tips

Online Shopping Scam Prevention Kit

MFA Setup Guide


Whew!
You made it.
Get more tips to #st6yWizer ofilifie 6t [Link]

You might also like