PHISING

AWARENESS Educating Users on Recognizing and

PROGRAM Responding to Phishing Attacks

EJOKE JOHN
 INTRODUCTION
OBJECTIVE:

THE PURPOSE OF THIS AWARENESS

PROGRAM IS TO:

Educate users about the Teach users how to Provide guidelines on how
nature and impact of recognize common signs to respond to suspected
phishing attacks. of phishing attempts. phishing emails.

Establish a reporting
Increase overall
mechanism for users to
awareness and vigilance
report suspected phishing
towards phishing threats.
attempts.

WHAT IS PHISING?
Phishing is a cyber attack where attackers deceive
individuals into providing sensitive information by
pretending to be trustworthy entities. This is usually done
through fraudulent emails, messages, or websites.
Vishing is phishing conducted
through voice calls, where
attackers impersonate legitimate
entities and try to deceive
individuals into providing
sensitive information.
Example: A phone call from "your
bank" asking for account details.
TYPES OF PHYSING
Mail Phishing is a form of
phishing where attackers
send emails that appear to
be from legitimate sources,
asking recipients to click on
a link or download an
attachment.
Example: An email claiming
to be from your bank asking
for account verification.
Whaling is a type of spear
phishing that targets high-
profile individuals such as
executives or key decision-
makers within an organization.
Example: An email purportedly
from the CEO, asking for urgent
fund transfer.
Spear Phishing is a
targeted form of phishing
aimed at specific
individuals or organizations,
often using personalized
information to increase
credibility.
Example: An email addressed
to an employee, asking them to
approve an invoice
Smishing is phishing conducted
through SMS or text messages,
where attackers send messages
that appear to be from legitimate
sources.
Example: A text message from a
mobile carrier asking for account
updates.
 Email Phishing Smishing

Vishing

Whaling
Spear Phishing
 Suspicious links

Unusual sender
Fake websites
addresses

HOW TO Suspicious pop-

ups
Urgent language

RECOGNIZE
PHISHING Too good to be Unexpected

ATTEMPTS
true offers attachments

Unusual Generic
requests greetings
Misspellings &
grammar errors
Real-world examples of phishing emails
 Understanding their tactics
Here’s a breakdown of the phishing red flags in the real-world
example from "Neil Harvey" as mentioned earlier

Generic Sender Unverified Context Suspicious Link The Unsolicited Account

Name: "Neil The context provided link included () could Information: Sharing
Harvey" might be lacks credibility—why lead to a fraudulent account details and a
unfamiliar or was this message sent, website aiming to password through an email
unrelated, creating and by whom? steal sensitive is highly unusual and
suspicion. information. unprofessional.

Excessive Financial Request for Secrecy: Missing Professional Unusual Urgency: This
Amount: Mention of a Advising to "keep your Details: No official prompts immediate
significant sum (e.g., password safe" falsely branding, contact action without providing
3,445,147.00 USDT) is establishes trust while information, or verification channels.
bait to create masking malicious intent. affiliation is
excitement or mentioned.
urgency.
 How to
Respond to a
Phishing
Attempts
Do Not Engage: Never reply to
the sender or click on any links
in the email. Interacting with the
email can confirm to the
scammer that your email
address is active.
Verify the Sender: Check the Scan for Malware: Run a
sender's email address
carefully for inconsistencies or
quick antivirus or anti-
malware scan to ensure
misspellings. If the email claims
to be from a company, contact
your device hasn’t already
been compromised.
them directly through their
official website or phone
number to confirm its
legitimacy.
Report the Email: Delete the Email: Educate Others: Share
Most email providers have a Once reported, the experience with
"Report Phishing" or "Mark delete the email colleagues, friends, or
as Spam" option. immediately to avoid family to help them
accidentally avoid falling for similar
interacting with it in scams.
the future.
 Summary
Phishing Email Signs:
Look out for suspicious links,
generic greetings, urgent
language, unfamiliar senders, and
grammatical errors.
Be cautious of unsolicited
account details or requests for
sensitive information
Real-World Example Analysis:
In the example provided (e.g.,
financial management email), key
phishing indicators include
excessive financial amounts,
unverified context, suspicious links,
and a lack of professional branding.
Responding to Phishing Emails:
Do not engage with the email or
click on links.
Report phishing emails through your
email provider or to local
authorities.
Delete the email and scan your
device for malware.

Reporting Phishing Emails:

•Use the "Report Phishing" option
in your email service or forward it
to the appropriate authority (e.g.,
[email protected]).

•Notify your organization if it’s

work-related and delete the email
afterward.
Key Takeaway

Stay vigilant, verify unfamiliar communication, and take action to report

phishing attempts to protect yourself and others from falling victim to scams.

Cybersecurity is all about awareness and caution!

Thank You

• Thank you all for your attention and active

participation today. Your engagement and
insights have been truly valuable, and it’s been
a pleasure sharing this session with you.
Together, we’ve made significant strides in
understanding and addressing key aspects of
cybersecurity.

• Let’s continue to stay vigilant and spread

awareness in this ever-evolving digital
landscape. Once again, thank you for your
time and involvement!