Cybersecurity Training for Resilience Staff

At Resilience, Inc. we strive to recognize cyber threats in order to maintain computer security. By understanding cybercrime, vulnerabilities and different threats, we can keep each other accountable and safe while on the internet.

• Cybercrime – any criminal offense that involves a computer and a network
• Safe Computing – avoid embarrassment and worse by knowing the way social networking exposes information, and understanding the ways hackers attempt to exploit information

Social Engineering Attacks

• Phishing Scams

• Communications via email or social media pretend to be from an official organization to try and trick you into giving them sensitive data, such as but not limited to, passwords, banks account numbers, etc.
• Never fall for a scam asking you to buy gift cards. If someone emails you from a strange
  email address but claims to be John Fay, do not reply, and do not follow the instructions to
  buy a gift card.
• Phishing emails and text messages often tell a story to trick you into clicking on a
  link or opening an attachment. They may:
  • Say they have noticed some suspicious activity
  • Claim there is a problem with your account or log-in attempts
  • Say you must confirm some personal information
  • Include a fake invoice
  • Want you to click on a link to make a payment
  • Say you are eligible for some sort of refund
  • Offer coupons for “free” stuff
  • Often include a link to a seemingly official website to steal your information
  • Ex. Phishing Scam
  • 
  • In the above example, there are a few key elements that should alert the reader immediately this is a scam.
    1. Claims to be “John Fay” but uses incorrect email
    2. Spelling and grammar errors
    3. Use of slang in email communication is never acceptable
    4. Spacing Inconsistencies
    5. Improper signature at the end of the email

Safe Computing Practices/Secure Web Browsing

• User ID/Passwords

1. 1. When creating your username and password:
      1. Never share with others
      2. Never use a password manager
      3. Never use easily guessable passwords such as “passwrd” or “user”
      4. Never reuse passwords
2. Ensure your Internet browser is sufficiently recent to incorporate security features and make certain these are correctly configured in your computer
3. Regularly scheduled Backups
4. Keep Browser software up to date
5. Never download any file you are unsure of
   1. If possible, run anti-virus software and scan files before downloading
6. When surfing the web, look for “https” or a padlock in your browser’s URL bar to verify you are viewing a secure site
7. Avoid using public WiFi when possible

FBI Incident Report Form Website

1. If victim to a phish attack, visit the following site and file a report with the FBI to help improve the security of our team. The link can be found here: https://www.ic3.gov/Home/FileComplaint

Email Etiquette Policy

1. When communicating with individuals out side of the organization, formally greet the person you email:
   1. Ms.___ Or Mr.___
2. Space out email accordingly, don’t have large chunky paragraphs. Emails look better with
   nice small paragraphs. Group paragraphs by information.
3. Always check grammar when writing an email. Reach out to a peer if you would like for
   the email to be double-checked for any errors or grammar.
4. Please do not use texting lingo/few word emails when communicating via email
5. Try to be timely with emails, respond within a day if possible
6. When  you CC someone in an email please introduce the person, you are CCing.
7. Always have your salutations at the end of the email. Your name, your title, your phone
   number, your email, and Resilience information.
8. Never use the word “free” in your subject line or your email could be marked as SPAM