SlideShare a Scribd company logo

Social Engineering Team Talk 1 PhishMe Leader Guide Final

S
Steve Gavora
1 of 3
Download to read offline
    SOCIAL ENGINEERING – PhishMe Reporting Tool Date: By: January 19, 2016     1    TEAM TALK – LEADER GUIDE WHO NEEDS TO KNOW: PFCU Leadership and Cast Members BY WHEN TOTAL TIME Leader Prep: 5 Min With Cast: 10-15 Min Purpose: Give an overview of “Social Engineering”, Cast Member responsibilities and how the PhishMe software will easily assist Cast Members in reporting Phishing attempts. Overview This Team Talk is focused on three areas:  Defining Social Engineering;  Defining Cast Member roles  Using the PhishMe software and clarifying Cast Member reporting This information will be distributed via:  CORE > Public Pages > Information Security Copies: The Leader Guide is for Leaders only. Talking Point #1: Defining Social Engineering Talking Point #1 is used to explain what Social Engineering is and how it is designed to prey on Cast Members by taking advantage of the Partners culture of service. The goal of Social Engineers is to access our computer systems by “tricking” our Cast Members into believing they are credible and trusted. Social Engineers will do this via phone calls soliciting personal information and/or emails which will attempt to connect to our systems. Social Engineers or “Phishers” are hopeful that people will:  Be Helpful Towards Others  Be Trusting of Our Members  Want To Do The Right Thing The exact same characteristics Partners expect and
    SOCIAL ENGINEERING – PhishMe Reporting Tool Date: By: January 19, 2016     2    TEAM TALK – LEADER GUIDE Talking Point #2: Defining Cast Member Roles receive from our Cast Members every day which makes us susceptible to phishing attempts! Talking Point #2 pertains to each Cast Members responsibilities in safeguarding our Members and company data. Cast Members play an important role in and are the first line of defense in safeguarding our Members and company information. Refer to the Quick Reference Guide, Best Phishing Practices section. Ask CMs to complete section 1 and 2 of the Activity Sheet and then review the answers using the key provided below. Phish in the Blank Exercise Answer Key Social Engineers “phish” for personal information via PHONE calls and EMAILS. While it is important that I be HELPFUL towards others, TRUST our Members and Do The RIGHT THING , often times Social Engineers will try to use this against me! Phish Fact or Phish Story Answer Key Email Personal Or Financial Information STORY Only Provide Information on Trusted Websites FACT Be Careful Downloading Files FACT Anyone May Be Diagnosing Your Computer STORY Protect Your Credentials FACT Adhere to Our Policies FACT There’s No Need To Pay Attention! STORY
    SOCIAL ENGINEERING – PhishMe Reporting Tool Date: By: January 19, 2016     3    TEAM TALK – LEADER GUIDE   Talking Point #3: Reporting Phishing Conclusion As we shared, it is critical that you know the risks, signs and report Phishing attempts. We are excited to launch a new reporting tool embedded in Outlook called PhishMe. PhishMe will enable you to quickly report Phishing attempts. It’s easy! Simply click the PhishMe button in Outlook and it will forward the suspicious email to the appropriate mailbox and delete it from your inbox. For mobile users, please continue to forward the suspicious email as an attachment to pfcubademail@partnersfcu.org. If you think you’ve received a phishing phone call, remember the following:  PFCU IT or Disney IT Cast Members will NEVER ask you for your password! Remember IT can remote into your computer any time.  If a Cast Member from PFCU IT or Disney IT calls you (which would rarely happen), call them back at ext. 6300. Social Engineering is a constant threat of which we must all be aware and vigilant. Protecting the integrity of our personal, company and Members’ information is critical and you are a HUGE part of the solution! If you have any questions, please see your leader and remember, Risk Management is here to help you as well. You can also reference the Quick Reference Guide and other key resources on the Information Security CORE page located here: CORE > Public Pages > Information Security.

Recommended

Phishing
PhishingPhishing
Phishing
North Carolina State University
 
Online registration 25 aug14
Online registration 25 aug14Online registration 25 aug14
Online registration 25 aug14
Naval OPSEC
 
Phishing and hacking
Phishing and hackingPhishing and hacking
Phishing and hacking
Md. Mehadi Hassan Bappy
 
Aaron Higbee - The Humanity of Phishing Attack & Defense
Aaron Higbee - The Humanity of Phishing Attack & DefenseAaron Higbee - The Humanity of Phishing Attack & Defense
Aaron Higbee - The Humanity of Phishing Attack & Defense
Jason Luttrell, CISSP, CISM
 
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest LinkInsiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Richard Common
 
Data security concepts chapter 2
Data security concepts chapter 2Data security concepts chapter 2
Data security concepts chapter 2
Nickkisha Farrell
 
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
IRJET Journal
 
Data breach
Data breachData breach
Data breach
Burhan Ahmed
 

Recommended

Phishing
PhishingPhishing
Phishing
North Carolina State University
 
Online registration 25 aug14
Online registration 25 aug14Online registration 25 aug14
Online registration 25 aug14
Naval OPSEC
 
Phishing and hacking
Phishing and hackingPhishing and hacking
Phishing and hacking
Md. Mehadi Hassan Bappy
 
Aaron Higbee - The Humanity of Phishing Attack & Defense
Aaron Higbee - The Humanity of Phishing Attack & DefenseAaron Higbee - The Humanity of Phishing Attack & Defense
Aaron Higbee - The Humanity of Phishing Attack & Defense
Jason Luttrell, CISSP, CISM
 
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest LinkInsiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Richard Common
 
Data security concepts chapter 2
Data security concepts chapter 2Data security concepts chapter 2
Data security concepts chapter 2
Nickkisha Farrell
 
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
IRJET Journal
 
Data breach
Data breachData breach
Data breach
Burhan Ahmed
 
pypt.pptx.shshjsjdjjdhdhhdhdhdhdhhdhdjdjdjdjjrejjr
pypt.pptx.shshjsjdjjdhdhhdhdhdhdhhdhdjdjdjdjjrejjrpypt.pptx.shshjsjdjjdhdhhdhdhdhdhhdhdjdjdjdjjrejjr
pypt.pptx.shshjsjdjjdhdhhdhdhdhdhhdhdjdjdjdjjrejjr
SurajGurushetti
 
The Emotional Lure of Social Engineering
The Emotional Lure of Social EngineeringThe Emotional Lure of Social Engineering
The Emotional Lure of Social Engineering
The TNS Group
 
Writing A Biography Essay
Writing A Biography EssayWriting A Biography Essay
Writing A Biography Essay
Heather Dionne
 
Organization And Management Case Study Report, (IOE, TU)
Organization And Management Case Study Report, (IOE, TU)Organization And Management Case Study Report, (IOE, TU)
Organization And Management Case Study Report, (IOE, TU)
SushantGautam10
 
Prevent phishing scams
Prevent phishing scamsPrevent phishing scams
Prevent phishing scams
ronpoul
 
Prevent phishing scams
Prevent phishing scamsPrevent phishing scams
Prevent phishing scams
ronpoul
 
Spear Phishing
Spear PhishingSpear Phishing
Spear Phishing
- Mark - Fullbright
 
Security Awareness Program
Security Awareness ProgramSecurity Awareness Program
Security Awareness Program
David Wigton
 
Cyber security.docx
Cyber security.docxCyber security.docx
Cyber security.docx
saivarun91
 
National Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationNational Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness Presentation
Jamie Proctor-Brassard
 
Safeguarding PeopleSoft Against Direct Deposit Theft
Safeguarding PeopleSoft Against Direct Deposit TheftSafeguarding PeopleSoft Against Direct Deposit Theft
Safeguarding PeopleSoft Against Direct Deposit Theft
Appsian
 
Advanced Phishing The Art of Stealing
Advanced Phishing The Art of StealingAdvanced Phishing The Art of Stealing
Advanced Phishing The Art of Stealing
Avinash Sinha
 
Submit a report that discusses the techniques used by malware deve.docx
Submit a report that discusses the techniques used by malware deve.docxSubmit a report that discusses the techniques used by malware deve.docx
Submit a report that discusses the techniques used by malware deve.docx
david4611
 
Safeguarding Your Online Presence_ Social Media Cybersecurity Tips.pdf
Safeguarding Your Online Presence_ Social Media Cybersecurity Tips.pdfSafeguarding Your Online Presence_ Social Media Cybersecurity Tips.pdf
Safeguarding Your Online Presence_ Social Media Cybersecurity Tips.pdf
CIOWomenMagazine
 
Article1DISCUSSION_1Information security within an organi
Article1DISCUSSION_1Information security within an organiArticle1DISCUSSION_1Information security within an organi
Article1DISCUSSION_1Information security within an organi
mallisonshavon
 
Amir bouker
Amir bouker Amir bouker
Amir bouker
Amir Bouker
 
ImageQuest_Newsletter_July_Milton copy
ImageQuest_Newsletter_July_Milton copyImageQuest_Newsletter_July_Milton copy
ImageQuest_Newsletter_July_Milton copy
Alisa Alvich
 
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usenProtecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
CMR WORLD TECH
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
Manish Chauhan
 
Airport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyAirport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthy
Russell Publishing
 

More Related Content

Similar to Social Engineering Team Talk 1 PhishMe Leader Guide Final

Security Awareness Program
Security Awareness ProgramSecurity Awareness Program
Security Awareness Program
David Wigton
 
Submit a report that discusses the techniques used by malware deve.docx
Submit a report that discusses the techniques used by malware deve.docxSubmit a report that discusses the techniques used by malware deve.docx
Submit a report that discusses the techniques used by malware deve.docx
david4611
 
Article1DISCUSSION_1Information security within an organi
Article1DISCUSSION_1Information security within an organiArticle1DISCUSSION_1Information security within an organi
Article1DISCUSSION_1Information security within an organi
mallisonshavon
 
ImageQuest_Newsletter_July_Milton copy
ImageQuest_Newsletter_July_Milton copyImageQuest_Newsletter_July_Milton copy
ImageQuest_Newsletter_July_Milton copy
Alisa Alvich
 
Airport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyAirport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthy
Russell Publishing
 

Similar to Social Engineering Team Talk 1 PhishMe Leader Guide Final (20)

pypt.pptx.shshjsjdjjdhdhhdhdhdhdhhdhdjdjdjdjjrejjr
pypt.pptx.shshjsjdjjdhdhhdhdhdhdhhdhdjdjdjdjjrejjrpypt.pptx.shshjsjdjjdhdhhdhdhdhdhhdhdjdjdjdjjrejjr
pypt.pptx.shshjsjdjjdhdhhdhdhdhdhhdhdjdjdjdjjrejjr
 
The Emotional Lure of Social Engineering
The Emotional Lure of Social EngineeringThe Emotional Lure of Social Engineering
The Emotional Lure of Social Engineering
 
Writing A Biography Essay
Writing A Biography EssayWriting A Biography Essay
Writing A Biography Essay
 
Organization And Management Case Study Report, (IOE, TU)
Organization And Management Case Study Report, (IOE, TU)Organization And Management Case Study Report, (IOE, TU)
Organization And Management Case Study Report, (IOE, TU)
 
Prevent phishing scams
Prevent phishing scamsPrevent phishing scams
Prevent phishing scams
 
Prevent phishing scams
Prevent phishing scamsPrevent phishing scams
Prevent phishing scams
 
Spear Phishing
Spear PhishingSpear Phishing
Spear Phishing
 
Security Awareness Program
Security Awareness ProgramSecurity Awareness Program
Security Awareness Program
 
Cyber security.docx
Cyber security.docxCyber security.docx
Cyber security.docx
 
National Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationNational Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness Presentation
 
Safeguarding PeopleSoft Against Direct Deposit Theft
Safeguarding PeopleSoft Against Direct Deposit TheftSafeguarding PeopleSoft Against Direct Deposit Theft
Safeguarding PeopleSoft Against Direct Deposit Theft
 
Advanced Phishing The Art of Stealing
Advanced Phishing The Art of StealingAdvanced Phishing The Art of Stealing
Advanced Phishing The Art of Stealing
 
Submit a report that discusses the techniques used by malware deve.docx
Submit a report that discusses the techniques used by malware deve.docxSubmit a report that discusses the techniques used by malware deve.docx
Submit a report that discusses the techniques used by malware deve.docx
 
Safeguarding Your Online Presence_ Social Media Cybersecurity Tips.pdf
Safeguarding Your Online Presence_ Social Media Cybersecurity Tips.pdfSafeguarding Your Online Presence_ Social Media Cybersecurity Tips.pdf
Safeguarding Your Online Presence_ Social Media Cybersecurity Tips.pdf
 
Article1DISCUSSION_1Information security within an organi
Article1DISCUSSION_1Information security within an organiArticle1DISCUSSION_1Information security within an organi
Article1DISCUSSION_1Information security within an organi
 
Amir bouker
Amir bouker Amir bouker
Amir bouker
 
ImageQuest_Newsletter_July_Milton copy
ImageQuest_Newsletter_July_Milton copyImageQuest_Newsletter_July_Milton copy
ImageQuest_Newsletter_July_Milton copy
 
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usenProtecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
 
Airport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyAirport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthy
 

Social Engineering Team Talk 1 PhishMe Leader Guide Final

  • 1.     SOCIAL ENGINEERING – PhishMe Reporting Tool Date: By: January 19, 2016     1    TEAM TALK – LEADER GUIDE WHO NEEDS TO KNOW: PFCU Leadership and Cast Members BY WHEN TOTAL TIME Leader Prep: 5 Min With Cast: 10-15 Min Purpose: Give an overview of “Social Engineering”, Cast Member responsibilities and how the PhishMe software will easily assist Cast Members in reporting Phishing attempts. Overview This Team Talk is focused on three areas:  Defining Social Engineering;  Defining Cast Member roles  Using the PhishMe software and clarifying Cast Member reporting This information will be distributed via:  CORE > Public Pages > Information Security Copies: The Leader Guide is for Leaders only. Talking Point #1: Defining Social Engineering Talking Point #1 is used to explain what Social Engineering is and how it is designed to prey on Cast Members by taking advantage of the Partners culture of service. The goal of Social Engineers is to access our computer systems by “tricking” our Cast Members into believing they are credible and trusted. Social Engineers will do this via phone calls soliciting personal information and/or emails which will attempt to connect to our systems. Social Engineers or “Phishers” are hopeful that people will:  Be Helpful Towards Others  Be Trusting of Our Members  Want To Do The Right Thing The exact same characteristics Partners expect and
  • 2.     SOCIAL ENGINEERING – PhishMe Reporting Tool Date: By: January 19, 2016     2    TEAM TALK – LEADER GUIDE Talking Point #2: Defining Cast Member Roles receive from our Cast Members every day which makes us susceptible to phishing attempts! Talking Point #2 pertains to each Cast Members responsibilities in safeguarding our Members and company data. Cast Members play an important role in and are the first line of defense in safeguarding our Members and company information. Refer to the Quick Reference Guide, Best Phishing Practices section. Ask CMs to complete section 1 and 2 of the Activity Sheet and then review the answers using the key provided below. Phish in the Blank Exercise Answer Key Social Engineers “phish” for personal information via PHONE calls and EMAILS. While it is important that I be HELPFUL towards others, TRUST our Members and Do The RIGHT THING , often times Social Engineers will try to use this against me! Phish Fact or Phish Story Answer Key Email Personal Or Financial Information STORY Only Provide Information on Trusted Websites FACT Be Careful Downloading Files FACT Anyone May Be Diagnosing Your Computer STORY Protect Your Credentials FACT Adhere to Our Policies FACT There’s No Need To Pay Attention! STORY
  • 3.     SOCIAL ENGINEERING – PhishMe Reporting Tool Date: By: January 19, 2016     3    TEAM TALK – LEADER GUIDE   Talking Point #3: Reporting Phishing Conclusion As we shared, it is critical that you know the risks, signs and report Phishing attempts. We are excited to launch a new reporting tool embedded in Outlook called PhishMe. PhishMe will enable you to quickly report Phishing attempts. It’s easy! Simply click the PhishMe button in Outlook and it will forward the suspicious email to the appropriate mailbox and delete it from your inbox. For mobile users, please continue to forward the suspicious email as an attachment to pfcubademail@partnersfcu.org. If you think you’ve received a phishing phone call, remember the following:  PFCU IT or Disney IT Cast Members will NEVER ask you for your password! Remember IT can remote into your computer any time.  If a Cast Member from PFCU IT or Disney IT calls you (which would rarely happen), call them back at ext. 6300. Social Engineering is a constant threat of which we must all be aware and vigilant. Protecting the integrity of our personal, company and Members’ information is critical and you are a HUGE part of the solution! If you have any questions, please see your leader and remember, Risk Management is here to help you as well. You can also reference the Quick Reference Guide and other key resources on the Information Security CORE page located here: CORE > Public Pages > Information Security.