Objective: This training aims to equip you with the skills to identify and defend against various cyber threats, including phishing emails, ransomware, malware, and scams. By recognising these threats, you can contribute to a more secure online environment for yourself and the organisation.
1. Phishing Emails:
Definition: Phishing emails attempt to deceive individuals into revealing sensitive information, such as passwords, financial details, or personal data.
Identification Tips:
Sender’s Email Address: Check the sender’s email address carefully. Watch out for misspellings, unfamiliar domains, or slight variations from legitimate addresses.
Urgency or Threat: Phishing emails often create a sense of urgency or threat to manipulate you into taking immediate action.
Suspicious Links: Hover over links before clicking to preview the URL. Avoid clicking on links from unknown or suspicious sources.
Attachments: Be cautious with email attachments, especially from unfamiliar senders. Malicious attachments can contain malware.
Poor Grammar and Spelling: Phishing emails often contain spelling errors or awkward language.
2. Ransomware:
Definition: Ransomware is malicious software that encrypts your files and demands payment (ransom) for their release.
Identification Tips:
Unusual File Extensions: Be cautious of files with unfamiliar extensions, such as .exe, .js, or .zip, especially from untrusted sources.
Unauthorized File Encryption: If you receive a notification about file encryption and a ransom demand, it’s likely ransomware.
Suspicious Requests for Payment: Never pay a ransom. Paying does not guarantee file recovery and supports criminal activity.
3. Malware:
Definition: Malware encompasses various types of malicious software designed to damage, disrupt, or gain unauthorized access to systems.
Identification Tips:
Unexplained System Behaviour: Slowdowns, crashes, or unusual system behaviour can indicate malware.
Antivirus Alerts: Pay attention to antivirus warnings about detected threats. Quarantine and remove threats as advised.
Unauthorized Software: Be cautious when installing software from untrusted sources. Only download from official websites.
4. Scams:
Definition: Scams are fraudulent schemes aimed at deceiving individuals for financial or personal gain.
Identification Tips:
Too Good to Be True: Be sceptical of offers that seem too good to be true, such as huge financial gains or exclusive opportunities.
Request for Personal Information: Legitimate organisations rarely request sensitive information via email or text.
Urgent Requests: Scammers often create a sense of urgency to pressure you into taking hasty actions.
Unsolicited Communications: Be cautious of unsolicited emails, messages, or calls that request money or personal information.
5. Protecting Yourself:
Secure Practices:
Think Before You Click: Avoid clicking on links or downloading attachments from unknown sources.
Verify Sources: Double-check sender information and URLs before sharing any information.
Stay Informed: Keep up to date with the latest phishing and scam trends to recognize new threats.
Use Strong Passwords: Create unique passwords for each account and use a combination of letters, numbers, and symbols.
Regular Backups: Regularly back up important files to prevent data loss in case of ransomware attacks.
Educate Others: Share your knowledge with colleagues and friends to collectively enhance cybersecurity awareness.
Conclusion:
By understanding the characteristics of phishing emails, ransomware, malware, and scams, you play a pivotal role in safeguarding yourself and the organisation against cyber threats. Vigilance, cautiousness, and continuous learning are key to maintaining a secure online presence
