Your Role
Common Threats
Red Flags
Danger Zone
Potpourri
100
This is big business and includes phishing, ransomware and identity theft.
What is Cybercrime?
100
This is an example of Malware
What is Ransomware, Virus, Trojan, Worm?
100
In the context of security awareness, this is a red flag.
What are areas you should check to see if something is legit or not.
100
This is what you should do when you receive a suspicious email requesting you to update your account information
example: Amazon, Paypal
What is Open web browser and log into service and update account information?
or
What is Contact IT!
Don't click links in emails to update credentials, when in doubt go directly to that service to update credentials, ask IT if unsure.
100
This gentlemen was featured in our Knowbe4 training
Who is Kevin Mitnick?
200
This is the easiest way to let an attacker into a network.
you/me
200
This is a favorite trick that hackers like to use
What is creating a sense of urgency or confusion that gets you to act without thinking through?
200
This is 1 red flag location on a suspicious email
What is the From:, To:, CC:, Subject Line:, Date:, Attachment, Body of Email,
200
This is what you should you do if you get a call from somebody that is unexpected, and they are asking for information from you or need you to do something for them.
What is verify who they are, ask for more information like a contact person or account number.
Another good way is to ask for a call back number in case you get disconnected.
200
This is how we use USB drives in the board room.
What is the wireless USB hub?
300
These are the methods used by cybercriminals to breach your device and get into your network.
What is the Threat Landscape?
300
These are the three things you should do before you click on any link, attachment or email.
What is Stop, Look and Think.
Always follow this rule "If you didn't ask for it, don't open it"
300
This is what you can do on your own to see if a link in an email legit.
What is hover over the link to compare the address?
300
This is what you should do if you receive an email that you are expecting but it's not legit.
What is check the RED FLAGS! check all of the red flag areas. Phish Alert button.
300
This is the name of the Anti-Virus software that scans all of our computers for malware.
What is Trend Micro?
400
These are examples of Social engineering, which is the art of manipulating, influencing, or deceiving you in order to take some action that isn't in your own best interest or in the best interest of the organization.
What is Phishing, Spear Phishing, Plugging in an infected USB device, Social Media.
Social media can be a wonderful source of valuable information for hackers.
400
This is how malicious software is installed on mobile devices such as smart phones and tablets
What is a SMS/TEXT with malicious links?
400
These are 5 red flags in a suspicious email
What are TO:, From:, CC;, Body of Email, Date, Attachment, Subject Line
400
This is Spear Phishing
(Actually it's Maverick and Goose)
What is a targeted attack on a specific individual to gain access to a system or to steal data?
400
This is the email firewall that filters out spam and other harmful emails
What is Proofpoint?
500
This file type is the only safe one to click on when receiving it in an email.
What is Text document or .TXT
500
These are at least 2 functions an attacker can gain access to when malicious software has been installed
What is Access to files/network, Access to webcam, Access to microphone, Record audio from phone microphone, Pinpoint GPS location.
500
This is how you would verify if a mobile app asked you to update their app through a text message.
What is Check app store to see if there is an app update?
Never update through SMS requests!
500
This is referred to Whaling
What is a specific type of spear phishing aimed at VIPs of the organization?
500
This is the wireless network that you should give to outside people that need access to network drives.
What is never give access to outside people to internal network resources?
or
What is a thumb drive should be used instead?