Phishing
You receive an email saying:
“Your mailbox is almost full. Click here within 30 minutes to avoid losing access.”
What is the main red flag?
Urgency / pressure to act quickly.
You receive a voice message that sounds like your manager asking you to urgently send a document.
Question:
Should you trust the voice alone?
No. Voice can be faked. Verify separately.
You see a QR code on a poster saying:
“Scan here for free coffee.”
Question:
What is one risk of scanning it?
It could lead to a malicious or fake website.
You leave your desk for coffee and your screen is still unlocked.
Question:
What should you have done?
Locked the screen.
A visitor asks if they can quickly use your work computer to print a document.
Question:
What should you say?
No. Work devices should not be used by visitors. Follow official visitor/support procedures.
An email looks like it comes from Microsoft. The logo is correct, the language is good, but the link goes to:
microsoft-login-security-check.com
Question:
What should you check before clicking?
The actual sender/domain and the real link destination.
An email is perfectly written, has no spelling mistakes, and uses a professional tone.
Question:
Does good language mean the email is safe?
No. AI can make phishing emails look polished and convincing.
A QR code takes you to a Microsoft login page.
Question:
What should you do before entering your password?
Check whether the request is expected and verify the URL/domain carefully. When in doubt, don’t log in.
A printed guest list is left on a shared printer.
Question:
Why is this a problem?
It may contain sensitive personal or operational information and can be seen or taken by the wrong person.
A person calls claiming to be from IT and asks for your password to “fix your computer and internet.”
Question:
What should you do?
Never share your password. End the call and verify/report through official channels.
A colleague sends you an unexpected attachment called:
Updated_Guest_List_FINAL.xlsm
Question:
Why is this suspicious?
It is unexpected, contains a potentially sensitive guest list, and .xlsm files can contain macros.
A colleague pastes internal meeting notes, names, travel plans and assessments into a public AI tool to “summarise them quickly.”
Question:
What is the security issue?
Sensitive/internal information may be exposed to an external AI service.
A QR code is placed on top of an official-looking poster in the building.
Question:
Why is this dangerous?
Attackers can physically replace or cover legitimate QR codes with malicious ones.
A sticky note on a monitor says:
“Wi-Fi password: Embassy2026!”
Question:
What is wrong here?
Passwords should not be written down and left visible.
You receive a text message from someone claiming to be one of your colleagues. They ask for internal information because “email and whatsapp is not working.”
Question:
What is the issue?
Unverified identity, unusual channel, and request for internal information.
You receive a message from Elay:
“I’m in a meeting. Please send me your phone number and approve the login notification you’re about to receive.”
Do not approve anything. Verify through a known separate channel and report it.
A video message from your manager requests urgent action outside normal procedure. It looks and sounds real.
Question:
What is the correct rule before acting?
If it is urgent, unusual or sensitive, verify through a separate trusted channel before acting.
You scan a QR code for “updated Wi-Fi access” and it asks for your work email and password.
Question:
What should you do?
Do not enter credentials. Report the QR code/security concern.
A colleague has forgotten to do something important on his computer. luckily, he remembered that his friend is still at the office.
Should he give him his personal details?
Your personal details are yours and yours alone.
You also will be held responsible for giving him your personal details if he does something Illegal.
Before a high-profile visit, you receive an email from an external contact asking for the updated guest list, arrival times and security details.
Question:
What should you do?
Do not send anything immediately. Verify the request, check whether they are authorised, and follow internal procedures.
A supplier emails a new bank account number and says future payments must go there. The email chain looks real and includes previous correspondence.
Question:
What type of attack could this be, and what is the correct response?
Business Email Compromise / invoice fraud. Verify the change through a trusted, separate channel before doing anything.
You receive a picture of a colleague, it looks like he has been kidnapped, he is strapped to a chair holding a sign with a QR-code. It says "SCAN TO PAY AND MAKE ME FREE".
What should you do?
Call Embassy Security for assessment.
if needed, call police.
A visitor says they cannot connect to Wi-Fi and shows you a QR code asking you to scan it to “approve access.”
Question:
What is the correct response?
Do not scan it. Follow official guest Wi-Fi/access procedures and refer them to the correct support channel.
A Family member\Friend is Facetiming you from abroad. you havent seen each other for a while and youre inside the embassy compound.
Do you answer?
NO!
every embassy employee is a target for phone hijacking\Hacking.
What your friend can see, can also be seen by the Enemy!
You click a suspicious link and enter your login details. You realise it five minutes later.
Question:
What is the best next action?
Report it immediately. Fast reporting is more important than embarrassment. The account may need to be secured quickly.