Take the Quiz and find out more!

Presentation transcript:

Spot the Phish Quiz

Take the Quiz and find out more!

About the Quiz

INTERNAL

You receive emails from banks, e-commerce vendors and other organizations each day. Unfortunately, cyber criminals also send out fake emails that look like they are from credible senders with the intention of stealing your valuable information. By clicking on a malicious link, downloading an infected file or visiting a suspicious website, you may have given cyber criminals access to your information without even knowing it. So, how can you tell the difference between a real and a fake email? Take the quiz and find out more.

We have collected a set of examples at BASF to help you test your ability to identify a phishing scam. Please note that this quiz is just an exercise. It does not contain any factual information. It has been developed for internal training purposes in order to enable BASF employees to better identify phishing mails.

To begin, start the presentation mode in PowerPoint. Then, click the "Start Quiz" button below. Each example will be displayed one at a time on a slide. You decide if the email is a "Phish" or "Real." After each example, you will find out the correct answer and why an email was a phishing mail or a real one.

Good Luck!

Example 1: Real or fake?

Example 1: Malicious attachment in email

Fake!

What's phishy about this email?
- Sender seems to be an important authority
- Example of spelling & grammar errors
- Request to open the attachment
- Reference to a specific tax transaction
- An "executable" file as the tax transaction report

Example 2: Real or fake?

You are sent an email with a link from your bank to update your bank account details. The link takes you to this site:

Example 2: Link to a fake website

Fake!

What's phishy about this email?
- Illegitimate domain
- Request to log into your bank account

How to identify the domain: Read from left to right from the first single "/" until the second period of a URL. (Here the domain: "banksofamerica-wellsfargo.com")
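The domain check from Example 2, written out as an added example that is not part of the original slides: it takes the host of a URL, keeps the last two labels (the part the slide calls the domain) and compares it with a list of expected domains. The `EXPECTED_DOMAINS` list, the function names and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the domains the recipient really expects (not given on the slides).
EXPECTED_DOMAINS = {"bankofamerica.com", "wellsfargo.com"}


def registered_domain(url: str) -> str:
    """Return the last two labels of the URL's host.

    Simplification: suffixes made of several labels (for example co.uk)
    need the Public Suffix List and are not handled here.
    """
    host = urlsplit(url).hostname  # lower-cased, without port or path
    if not host:
        raise ValueError(f"no host found in {url!r}")
    labels = host.rstrip(".").split(".")
    if len(labels) < 2:
        raise ValueError(f"host {host!r} has no domain part")
    return ".".join(labels[-2:])


def is_expected(url: str, expected=EXPECTED_DOMAINS) -> bool:
    """True only when the URL's domain is exactly one of the expected ones."""
    try:
        return registered_domain(url) in expected
    except ValueError:
        return False  # unparsable links are treated as suspicious


# Constructed sample links; only the domain in the second one is from the slide.
SAMPLES = [
    "https://www.bankofamerica.com/login",
    "https://online.banksofamerica-wellsfargo.com/update",
    # A trusted name used as a subdomain does not change the domain.
    "https://wellsfargo.com.banksofamerica-wellsfargo.com/update",
    "banksofamerica-wellsfargo.com/update",  # no scheme, so no host is parsed
]


def triage(urls=SAMPLES):
    """Return (url, verdict) pairs for a list of links."""
    return [(u, "expected" if is_expected(u) else "suspicious") for u in urls]


if __name__ == "__main__":
    for url, verdict in triage():
        print(f"{verdict:10} {url}")
```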

Example 3: Real or fake?

Example 3: Trustworthy link and URL

Real!

What's phishy about this email?
- General request to change passwords without links
- Legitimate sender
- Correct contact signature
- Legitimate domain

Example 4: Real or fake?

Example 4: Malicious attachment in email

Fake!

What's phishy about this email?
- Mismatch between sender and the content of the email
- Time pressure imposed through provision of a deadline
- Reference to a specific transaction
- Serious consequences if no action is taken
- Indirect request to open the attachment
- ".zip" file as a report
- Unknown contact with missing contact details

Example 5: Real or fake?

Example 5: Suspicious, unknown sender

Fake!

What's phishy about this email?
- False, non-BASF email account = "Outlock"?
- The sender pretends to own a BASF email account by entering a fake email address in cc. How? The "I" in "Stefanie" is really an "L"
- Authoritative pressure from HR Manager
- Time pressure imposed through provision of a deadline
- Request for sensitive information
- Example of spelling & grammar errors
- Incorrect BASF signature, missing contact details

This is a case of spearphishing, i.e. a phishing scam targeting specific individuals or groups. A spearphishing email may include personal contact details and other information that can fool a recipient into believing that the email was sent by a legitimate sender.

Congratulations! You have completed the quiz!

Remember: If you receive a suspicious email from an unknown sender or an email that may have a malicious link or attachment, then do not click on the link or open the attachment. Please report it by clicking on the Phishing Button in Outlook.

If you become a victim of a phishing scam: Inform your supervisor and Information Protection Officer. Further, if you may have unintentionally released information as a result of a scam or phishing mail, please take measures to notify your supervisor and other affected parties.

Checklist: What indicates a suspicious email?
- Mismatch between the name of the sender and the content of the email
- Links to unknown websites
- Unsolicited request for sensitive information
- Unsolicited attachments that you are asked to view or update
- Spelling and grammatical errors
- Unrealistic story – "too good to be true"
- Pressure to answer questions (e.g. time or authoritative pressure)
- Reference made to orders, deliveries or outstanding bills