Phishing Awareness & Prevention

An essential guide to protecting yourself and PhotonRush

What is Phishing?

Phishing is a sneaky trick used by cyber attackers. They pretend to be someone you trust (like your bank, a coworker, or a service you use) to steal your private information, like your passwords or financial details. These attacks often come through emails, text messages, or phone calls.

A Simple Example

You get an email that looks like it's from your bank. It tells you that your account has been "locked" and you must click a link to log in and fix it. The link actually takes you to a fake website designed to steal your username and password.

🎣

Recommended Video:

Phishing: Keep I.T. Confidential cyber security campaign

How to Spot a Phishing Attempt

Phishing emails, texts, and calls often have red flags. Here's what to look for.

Sense of Urgency

The message tries to rush you into acting without thinking, using phrases like "Immediate Action Required" or "Your account will be suspended."

✍️

Poor Language

Look for bad grammar, spelling errors, or strange phrasing that a professional company wouldn't use.

👤

Generic Greetings

Instead of your name, it might say "Dear Valued Customer" or "Hello User."

✉️

Suspicious Sender

The sender's email address might not match the company it claims to be from. Check it carefully.

🔗

Unexpected Links

The message asks you to click a link you weren't expecting. The most important tip: Before you click, hover your mouse over the link to see the real destination. If it looks suspicious, don't click it.

Common Attack Vectors

Phishing comes in many forms, with email being the most common. Stay vigilant across all platforms.

Recommended Video:

How To Spot a Phishing Email

Your Defense: Safe Practices & Reporting

  1. Stop and Think: If a message makes you feel rushed or looks suspicious, stop and take a moment.
  2. Don't Click: Don't click on any links or attachments from sources you don't know or trust.
  3. Go Directly to the Source: If a message from your bank or a service asks you to log in, don't use the link. Instead, open a new browser window and type the official website address yourself.
  4. Never Share Passwords: We will never ask you for your password via email or text.
  5. Report, Report, Report: If you're unsure about an email, don't just delete it. Use the "Report Phishing" button in your email client, or forward the message to the IT/security team. This helps everyone stay safe.

Recommended Video:

Email Security Best Practices | Cybersecurity Awareness Training

Our Security Training Simulation

If you click on a link in one of our simulated phishing emails, you'll see this message:

This is a good thing! It's a safe environment to help you learn, not to punish you. It shows us where we can improve our training.

Quiz & Certification

🏆

Test your knowledge with a short quiz. You need to score at least 80% to earn a completion certificate.