CoverSelf - Phishing and Cyber Threats Awareness

[Audio] Welcome to CoverSelf's awareness session on phishing and cyber threats. In this short training, we will learn how cyber attacks happen, how to identify suspicious emails, messages, fake websites, and what actions to take to stay safe online..

[Audio] Disclaimer All proprietary information shall remain the sole and exclusive property of CoverSelf. The information in this document is intended for internal use only. Any unauthorised use, disclosure, copying or distribution of this document is strictly prohibited..

[Audio] Why This Matters "Cyber attacks often begin with a simple phishing email or fake message. One careless click can expose company data, customer information, passwords, or even lock systems through ransomware. The good news is that most attacks can be prevented by slowing down and thinking before clicking.".

[Audio] Real-Looking Phishing Email "This example shows a phishing email pretending to be from Microsoft 365. At first glance it may look legitimate, but there are several warning signs. The sender domain is fake, the message creates urgency using a 24-hour deadline, and it asks users to click a verification link. Attackers use these tactics to steal passwords and gain access to company accounts.".

[Audio] Fake Login Pages "Attackers often create fake login pages that look almost identical to real websites. Before entering your password, always check the website address carefully. Real Microsoft websites end with microsoft dot com. If you reached a login page through an email link, stop and verify before signing in. Entering passwords on fake sites can expose emails, files, and sensitive company data.".

[Audio] Phishing Through WhatsApp "Phishing attacks can also happen through WhatsApp messages or chat applications. Attackers may pretend to be managers, HR teams, banks, or trusted contacts. Common warning signs include unknown numbers, urgent requests, secrecy, or requests for gift cards and payments. Never share passwords, OTPs, or payment information through chat messages. Always verify requests by calling the person directly on their known company number.".

[Audio] Suspicious Links and QR Codes "Fake websites and QR codes are designed to look similar to legitimate ones. Attackers may replace letters with similar-looking characters to trick users. Before clicking links or scanning QR codes, carefully check the actual website name. Always preview the destination link before opening it. If the URL looks unfamiliar or suspicious, avoid proceeding.".

[Audio] Credential or Password Compromise "Password compromise usually begins with fake emails, messages, or login pages that trick users into entering credentials. Once attackers gain access, they may misuse company accounts, steal sensitive information, launch phishing attacks, or deploy ransomware. Protecting login credentials is critical for maintaining company security.".

[Audio] How to Stay Safe "Always verify links and website names carefully before clicking. Never share passwords or OTPs with anyone, including people claiming to be from IT or HR. Avoid signing in through unknown links and instead open important websites directly in your browser. If you receive unusual requests, verify them using a known contact number before responding.".

[Audio] If Something Feels Off "If a message or request feels suspicious, remember these three steps: Stop, Verify, and Report. Do not click or reply immediately. Verify the request by contacting the person through a trusted number. Then report suspicious emails, messages, or links to the security team. Reporting early helps prevent potential cyber attacks.".

[Audio] Quick Check: Real or Fake "This slide shows examples of both fake and legitimate messages. The phishing email contains suspicious sender details and an unusual attachment asking users to sign in. In contrast, the bank SMS contains proper transaction information and official support details. Always pay attention to small differences in email addresses, links, and message behavior.".

[Audio] "Thank you for attending this awareness session on phishing and cyber threats. Strong security depends on careful observation and responsible decisions every day. If you notice anything suspicious, immediately report it to the security team. Staying alert helps protect both personal and company information.".