Phishing
Spot a phishing email before you click.
What You'll Learn in Phishing
- Identify mismatched URLs, spoofed sender addresses, and domain impersonation in email headers
- Recognize emotional manipulation tactics including fabricated urgency, authority impersonation, and fear-based language
- Report suspicious emails through your organization's designated security channels without interacting with malicious content
- Explain how a single compromised credential leads to account takeover, lateral movement, and data exfiltration
- Distinguish between legitimate business communications and socially engineered phishing attempts using a repeatable verification checklist
Phishing Training Steps
- Introduction
  Welcome to SecureTech Corp! You are Alice, a procurement officer responsible for managing vendor payments. Today, you will learn about phishing attacks and how to protect yourself and the company from them.
- Email Notification
  While working from home, Alice receives a new email notification titled 'Urgent: Update Your Security Question'. Intrigued, she opens her inbox.
- Reading the Email
  Alice opens the email, which urges her to update her security questions via the employee portal. The email's professional tone and sense of urgency might compel her to act swiftly. Alice, trusting the source, decides to follow the email's instructions.
- Enter Credentials
  The login page requests Alice's company username and password to proceed with updating her security questions. The page's resemblance to the legitimate employee portal makes it easy for her to assume it is safe, so Alice enters her credentials without a second thought.
- Error Message
  After 'logging in', the web browser displays an error window instead of Alice's account dashboard, which leaves Alice worried.
- Email Notifications
  Soon, Alice receives two new emails and proceeds to read them.
- Bob's Malicious Actions
  Unbeknownst to Alice, Bob gains access to her credentials. Using her account, he performs malicious actions: he accesses the company's financial system and initiates a fraudulent transaction, transferring $10,000 to a fake vendor, 'Shadow Corp.' Additionally, he downloads sensitive files, including vendor contracts and payment details, from Alice's account.
- Report Phishing Email
  To mitigate the damage, Alice decides to follow the steps proposed by the IT Department's email. First, she uses her email client to report the malicious email.
- Login to Web Portal
  Alice opens her web browser and navigates to the company's internal security incident reporting portal: https://securetech.com/report-incident
- Reporting the Incident
  After successfully entering the internal IT support ticketing system, Alice fills out a ticket form, detailing the suspicious email and unauthorized transaction.