Cybersecurity warning.

CISA urges users to remain on alert for malicious cyber activity following a natural disaster such as a hurricane or typhoon, as attackers target potential disaster victims by leveraging social engineering tactics, techniques, and procedures (TTPs). Social engineering TTPs include phishing attacks that use email or malicious websites to solicit personal information by posing as a trustworthy organization, notably as charities providing relief. Exercise caution in handling emails with hurricane/typhoon-related subject lines, attachments, or hyperlinks to avoid compromise. In addition, be wary of social media pleas, texts, or door-to-door solicitations related to severe weather events.

CISA encourages users to review the Federal Trade Commission’s Staying Alert to Disaster-related Scams and Before Giving to a Charity, and CISA’s Using Caution with Email Attachments and Tips on Avoiding Social Engineering and Phishing Attacks to avoid falling victim to malicious attacks.

ELC Information Security

Gamified Phishing Awareness Training

According to the FBI’s Internet Crime Report for 2022, the FBI’s Internet Crime Complaint Center (IC3) received 21,832 complaints for Business Email Compromise (BEC) with adjusted losses over $2.7 billion. Phishing, is by far, the most common type of threat organizations currently experience. The 2022 Internet Crime Report emphasizes this point with 300,497 falling victim to Phishing attacks – followed by Personal Data Breaches affecting 58,859 victims.

  • Train your employees on how to recognize phishing attacks and what to do when they spot them.
  • Improve your employees’ awareness and knowledge retention with gamified learning techniques.

Take advantage of course customization. Customize the training to emphasize the types of phishing threats that are most relevant to your industry and organization. Incorporate your policies to educate your employees on associated procedures for handling potential threats.