
Security Awareness Training
You have just participated in a phishing awareness exercise conducted by B. Johnson and Associates.
The email that you received was not a genuine attack, rather it was created as a way to help employees recognize common tactics used by cyber criminals to gain access to sensitive company information.
Warning signs to look out for
- Sense of Urgency
- The message stated that immediate action was required, and suggested consequences if immediate action was not taken
- Attackers often use urgency to encourage individuals to act before thinking
- Requests for Credentials
- Legitimate organizations rarely ask users to verify account credentials through links contained in email messages
- Unexpected Account Verification
- The email claimed that account verification was required, even though no prior was provided
- Links in Email
- Always hover over links before clicking to verify where they actually lead
Why This Matters
As a CPA firm, we are constantly handling personal information that is highly valuable to cybercriminals. This places a bigger target on our backs when compared to other industries, and as such we need to be able to protect sensitive information for the safety of our clients and to uphold the reputation of the firm.