Trick or Treat
Zombie Accounts
Spooky Scams
Frighteningly secure code
Creepy Corporate Catastrophes
100

You get an email from IT with a link to reset your password.

Trick or Treat?

It depends! could be a trick(phishing) or a treat (legitimate). Verify the sender

100

These accounts refuse to die, even though no one uses them anymore, what should you do? 

Delete or disable old and inactive accounts!

100

Is an email claims you must act urgently to avoid consequences, it may be using this tactic to get you to respond without thinking.


What is creating a sense of urgency?

100

The Cyber Criminals look for holes in your s/w to exploit. Installing these "fixes" gives you protection as new vulnerabilities are discovered. 

What are S/W patches? or Updates? 

100

one dark night, a sales team's client list mysteriously disappeared, only to be found shared online. What happened?

What is a data breach? 

200

After a spooky day at work, this practice/policy of tidying up ensures that the sensitive documents are locked properly? 

Trick or Treat?

What is a clean desk policy? 

200

You've got 20 passwords, but they're all the same! what should you do to prevent your accounts from turning into zombies?

Use Unique passwords for each account!

200
A terrifying text message says your bank account will be closed if you don't click a link. What kind of phantom is this?

What is smishing? (SMS phishing)

200

To ensure that the sensitive information is securely stored and accessed, developers use this method!

what is secure authentication practices?

200

To keep your work account secure, it's essential to change this regularly and keep it strong.

What is a password?

300

This sneaky ghostly process happens when someone secretly takes data out of a company without permission. 

Trick or Treat? 

Trick : What is Data Exfiltration? 

300

This enchanted vault can keep all your passwords safe, like a haunted treasure chest. Who am I?

What is a password manager? 

300
The ghoul calls you pretending to be tech support and asks for your password. What is this dark art known as ?

what Vishing (Voice Phishing)?

300

Developers follows this practice to keep track of changes and updates to their code, it's like leaving a breadcrumb trail to avoid getting lost in the woods.

What is Version control?

300

Harvey from Payroll Department was travelling to France and connected to insecure network that led to the leakage of Salary details of 100s of Employees.

Using of public WiFi and not using VPN

400

Just like a locked treasure chest, this method keeps your data safe by turning it into unreadable code.

Trick or Treat? 

Treat : What is encryption?

400

Two heads are better than one, and 2 factors are better for security. what is the 2 headed monster?

what is an MFA? 
400

Beware! this can lead to spooky consequences such  data theft, malware infection, financial loss, compromised accounts, data privacy breaches, repetitional damage, spread of attack, loss or productivity or even legal penalties! 

Ill effects of clicking on Phishing and other Social Engineering baits! 

400

The practice that involved checking code for security flaws and bugs before it goes live, much like a ghost hunting for hidden secrets?

what is code review?

400

After clicking a suspicious link, the facilities team's Laptops started acting like they were possessed, Files were locked and a message demanded payment

What is Ransomware Attack?

500

Ransomware strikes your system and all your data is encrypted and inaccessible. Luckily, you can use this to restore to a previous, unaffected time and without paying any ransom. 

Trick or Treat?

Treat : What are backups?

500

If an old account rises from the grave, it may have been taken over by someone else. what should you do immediately? 

Change the password and notify the IT and Security!

500

You've received an email that seems to come from your CEO, asking for a quick wire transfer. This shadowy trick is called?

What is BEC? 

500

Before a s/w is released, it's crucial to review the entire codebase to catch any lurking vulnerabilities.

What are Security Audits?

500

The Finance Team found out that a new "vendor" they were paying didn't actually exist. It was an impersonation scheme!

What is a fake vendor or vendor imporsonation scam? 

M
e
n
u