|
|
...
The goal of this simulated phishing campaign is to help you to learn how to spot a phish and report it to the Cyber Security team. Accurately reporting phishing scams can allow the Cyber Security team to alert other employees and block future phishes.
Privacy
Information about individual responses will NOT be shared with supervisors or HR. Passwords will NOT be stored.
Opting in
Simulated phishing emails will be sent only to members of the [email protected] mailing list.users that have filled out the Google Form.
- Click here to subscribefill out the form: https://lists.docs.google.com/a/lbl.gov/sympaforms/subscribe/simulated-phishing
change to google form
...
d/1CyLC5yKCgwz9bvUOGLrC37zOJ0Vi0Y1EjnU01no5CCE
What is Phishing?
An important part of this campaign is distinguishing between what is a phishing email, a targeted phishing email, and spam.Phishing:
Attack | Description | Action you should take |
---|---|---|
Phish | These are attacks that |
...
are carried out in order to steal usernames, passwords, credit card information, Social Security Numbers, and other sensitive data by masquerading as a trustworthy entity. Most often the emails |
...
pretend to be from credible |
...
sources such as, financial organizations or online services. These messages often ask you to click on a link, send information via email or fax, or enter credentials into a seemingly legitimate website. |
...
Forward to [email protected] | ||
Targeted Phishing | These are attacks that are in the context of your affiliation with Berkeley Lab, UCB, UC, or DOE to steal sensitive data (i.e. usernames, passwords, SSNs). These messages could use names of co-workers, appear to come from LBL email addresses, or directly reference Berkeley Lab employees. These can be very difficult to distinguish from legitimate messages and are important to notify the Cyber Security team about quickly. | Forward to security@lbl.gov |
Spam |
...
These are unwanted messages but are not asking for sensitive information. |
...
Attack | Description | Action you should take |
---|---|---|
Phish | Forward to [email protected] | |
Targeted Phishing | Forward to [email protected] | |
Spam | Use spam reporting procedures |
How to reporting Phishing using Phishme Reporter
put the chrome extension here
describe what it does
- For more information on phishing see the Cyber Security Resources page on Spam, Phishing, Targetted Phishing
...
How do
...
I
...
report a phishing email?
Phishme Reporter for Google Chrome
The tool we are using to send and track simulated phishing emails comes has a Chrome extention called the Phishme Reporter.
This extention adds a button in Gmail
https://chrome.google.com/webstore/detail/phishme-reporter/dgbbjjedalfdhoeamabpnnepfjaegmop
Reporting for non-Chrome users
Send an Report the email to [email protected] and save reporting the incident and include the source code of the phishing email as an attachment.
If you do not know how to attach the source code click - Click here to learn how to forward the source code of an email as an attachment: Forward Email As Attachment
As this program progresses, there will be integration of a reporting button into Google Chrome that will simplify the reporting process.
Feedback
Feedback
In order to improve this program please fill out this form:
Privacy
Information about individual responses will NOT be shared with supervisors or HR.
Examples of Simulated Phishes (Coming Soon)