10. Exercise Solution: Championing Security


Sample E-mail Example

To all company associates:

Phishing campaigns remain one of the most highly used techniques by bad actors seeking to gain unauthorized access to our organization and its assets. As a reminder, phishing attempts occur when a bad actor sends email messages attempting to trick users into clicking on a malicious hyperlink or providing personal information like corporate credentials in a web form. More often than not, these emails are made to appear as if they are coming from well-known organizations, companies our organization works with, or from colleagues.

It is important to scrutinize every email. Often phishing emails have spelling mistakes, look slightly different in appearance, or come from unexpected domains, but sometimes phishing emails look perfectly harmless. So, you should also scrutinize what the email is asking you to do. Does it seem out-of-the-ordinary? Is it something that you wouldn't ordinarily do outside of work (e.g. send money to someone unexpectedly)? If you receive a phishing email or just aren't sure, please contact the information security department at InfoSec@domain.com.

Thank you,

Company Governance Professional

Compare

QUESTION:

How did your e-mail compare to the one above? How is it different?

ANSWER:

Remember, your e-mail should have included at least the following points:

  • Define phishing
  • Describe examples of phishing, what do they look like?
  • Why is it important?
  • What should you do if you suspect a phishing e-mail in your inbox?