Phishing attacks are one of the biggest threats to our organisation's security. This essential 30-minute e-learning course is designed to educate you on the various phishing schemes we encounter daily, empowering you to become a key defender of our company’s systems. Through a series of solid, real-life examples, you will gain a deep understanding of different phishing tactics, from fraudulent Google Doc links to fake Dropbox storage warnings.

The primary goal of this training is to sharpen your skills so you can confidently distinguish between a sophisticated phishing attack and a legitimate email. You will learn what to do if you suspect an email is malicious and the exact procedure to follow to report it, helping to keep our data safe and secure.

Why Is This Course Important?

Our company has already experienced a busy year for phishing attempts, making it more important than ever for every employee to be attentive and alert. A single click on a malicious link can compromise sensitive information, leading to significant security breaches. By completing this course, you will learn to minimise the risk of opening a phishing email and understand your crucial role in our collective security efforts.

Learning Objectives

Upon successful completion of this course, you will be able to:

• Understand the different types of email spam, scams, and viruses that constitute phishing attacks.

• Identify the warning signs of a phishing email, such as unexpected senders and suspicious-looking URLs.

• Analyse real-world phishing examples to build practical recognition skills.

• Know the correct procedure for reporting a suspected phishing attempt to the appropriate channels.

• Contribute directly to keeping the company's systems safe from cyber threats.

Course Outline

This training is structured into two practical sections filled with real-world scenarios:

1. What to Do If You Suspect a Phishing Attempt

• Something Smells Phishy: This section explains why it's vital to be vigilant with every email you handle. You will learn the key questions to ask yourself: "Was I expecting this email?" and "Do I know the sender?". We will also cover how to spot weird-looking URLs and suspicious attachments.

• Official Procedure: Learn the exact three-step process to follow if you encounter a potential phishing email: how to report it, create a ticket, and mark it as spam to ensure the threat is handled correctly and efficiently.

2. Can You Spot the Phishing Attempt? A Practical Guide

• Real-World Scenarios: Test your skills against a series of interactive, realistic examples of phishing emails that mimic genuine communications. Each scenario challenges you to decide if the message is legitimate or a phishing attempt. Examples include:

    ◦ A fake Google Docs link from a colleague.

    ◦ A fraudulent notification about a received fax.

    ◦ A suspicious message from an old school friend with a link to a photo.

    ◦ A deceptive Dropbox alert claiming you are out of storage.

    ◦ An urgent-looking email from Google warning that "Someone has your password".

    ◦ A request for account permissions from a third-party application.Top of Form