OH NO - YOU'VE BEEN PHISHED !!!

This is a training Test

learn to identify scammers

if you are unsure, ask your IT

ok, so how do you detect scammers?

1st: Do you know the sender?

Most scammers are trying to intimidate you and convince you at the same time. They almost always change the sender's name of the email to someone in the company.

Here's the catch: changing the email address is not always easy, especially if your mail DNS records are correct. Here is how to identify the sender:

2nd: Look at the links without clicking them!

Ok, this sounds easy enough right. Actually, it is! All phishing campaigns are trying to get you to open an email that takes you to some page being hosted in some dark corner of the world. In order for that to happen, it has to have a destination that a computer can read.

This is achieved by setting URL's or simply web-links. These links are key to telling you if an email is legitimate or not. Here's how:

3rd: Read the content!

Ok, this is the easy one and sometimes it can be misleading. It's no doubt there are excellent phishing campaigns out there. In most cases, the scammers lack some English ability or have some trouble with writing skills. This is your opportunity to stop them before anything happens.

In the example below, the English is perfect, however, when reading the content of an email, you may notice some grammar issues or simple spelling mistakes, this should be a RED FLAG for you! If you see these simple mistakes, STOP and ask yourself, is this a valid email!

blank

4th: Training and perimeter defense

Email gateways are used to filter out harmful and malicious emails, and quarantine them automatically away from user inboxes. A good email gateway will block 99.99% of spam emails and will remove any email that contains any malicious links or attachments. This means they are crucial in stopping users from receiving fraudulent phishing emails. Email gateways such as ProofPoint also expose when accounts have been compromised, and so can prevent business email compromise attempts within your organization, and stop your accounts being used to send out spam or phishing emails to companies that you work with.

An important way to stop phishing attacks is to see how effectively your employees can tell if an email is phishing or not. This helps admins to know how at risk their organization is from phishing, and helps to direct training where it is needed. This has become a popular approach, with many vendors offering a comprehensive platform to create simulated phishing email campaigns, and send them out to users. Many of these same vendors also offer security awareness training materials, which can be used after phishing simulation to train users who need more help with identifying phishing emails.