Lab Exercise 1: Phishing Awareness

Objective

To develop awareness of common phishing techniques and enhance the ability to identify suspicious elements in emails.

Instructions

1. Email Distribution: You will receive a set of simulated phishing emails via email. Ensure that your email provider allows the delivery of these simulated emails to your inbox. These emails are designed to mimic common phishing tactics and may contain elements intended to deceive recipients.
2. Email Analysis: Once you have received the simulated phishing emails, carefully examine each one provided. Pay close attention to details such as the sender’s email address, the subject line, the content of the email, and any embedded links or attachments. Take your time to thoroughly review each email.
3. Identification of Suspicious Elements: As you analyze the emails, actively look for any elements that raise suspicion. These may include but are not limited to:

• Misspelled or unfamiliar sender email addresses.
• Use of urgent or threatening language designed to evoke fear or panic.
• Requests for sensitive information such as passwords, account numbers, or personal details.
• Embedded links that direct to unfamiliar or suspicious websites.
• Attachments from unknown sources or with unusual file extensions.

1. Documentation: Keep track of your observations by making notes on the suspicious elements you identified and your reasons for considering them suspicious. This documentation will help you reflect on your findings later.
2. Reflection: After analyzing all the emails provided, take a moment to reflect on your observations. Consider why these elements may indicate a phishing attempt and how you can apply this knowledge to enhance your email security practices in the future.

Simulated Phishing Email 1:

Subject: Urgent Action Required: Verify Your Account Now!

Dear Ella,

We have detected unusual activity on your account and suspect that it may have been compromised. To ensure the security of your account, we kindly ask you to verify your identity by clicking the link below and entering your login credentials.

VERIFY NOW!

Failure to verify your account within 24 hours may result in temporary suspension or permanent closure of your account.

Thank you for your cooperation.

Sincerely,
Tom

Simulated Phishing Email 2:

Subject: Exclusive Offer for You: Claim Your Reward Today!

Dear Ella,

Congratulations! You have been selected as one of our lucky winners to receive a special reward. To claim your prize, simply click the link below and follow the instructions.

CLAIM NOW

Hurry, this offer expires soon! Don’t miss out on this exciting opportunity.

Best regards,
Tom

Simulated Phishing Email 3:

Subject: Important Security Update: Immediate Action Required!

Dear Ella,

Due to recent security upgrades, we require all users to update their account information to continue enjoying uninterrupted service. Please click the link below to proceed with the verification process.

Update Now

Failure to update your account information within 48 hours may result in suspension of your account.

Thank you for your prompt attention to this matter.

Regards,
Tom

Simulated Phishing Email 4:

Subject: Invoice Payment Reminder: Action Needed!

Dear Ella,

This is a reminder that your invoice #10019 is now overdue. To avoid any late payment fees or service disruptions, please settle the outstanding balance immediately by clicking the link below.

PAY NOW

Thank you for your cooperation in this matter.

Best regards,
Tom