Slideshare that can be used as an educational training tool for employees to be aware of the risks of phishing attacks. This presentation covers the threat of phishing and what strategies can be done to mitigate phishing attacks.
PhishingBox is an online system for organizations to easily conduct simulated phishing attacks and educate their end users through awareness training. This helps identify vulnerabilities and mitigate risk. Our system is simple to use, cost-effective and helps clients reduce risk and achieve cybersecurity objectives.
3. Phishing Is A Fake Email
The long definition is that phishing is the act
of attempting to acquire information such as
usernames and passwords by masquerading
as a trustworthy entity in an electronic
communication.
7. Source: 2013 Verizon Data Breach Investigations Report
71%
Phishing Is The
Most Used
Social Tactic
8. 91% of targeted attacks
use spear-phishing emails.
Spear-Phishing is when detailed information about the recipient, company or
others is used to make the email look more credible.
19. 1. Know the signs of a
phishing attack
2. Report phishing attacks
20. 1. Generic greeting
2. Invokes fear
1
2
3. Requires action
3
4. Threating language
4
5
5. Grammar Issues
Common Phishing Traits
6. Generic Closing
6
21. DO hover over links
verify its location
DO NOT click on
unknown links
DO report the
suspected attack
DO NOT reply to
suspicious requests
4
What To Do
22. There’s More:
DO NOT rely on the “from” and “reply to” email
addresses as these can be faked
BE SUSPICIOUS of unsolicited attachments
CONFIRM information out of band. That is,
contact the sender on a known line, email,
website, or other method.
DO NOT use information in the email.
23. Phishing attacks are only limited to the
creativity of the attacker.
When In Doubt, Ask Your Security Office.
DO NOT CLICK, RESPOND, OR DOWNLOAD!