Cybersecurity risk awareness

Objectives

• Recognize the different forms of social engineering attacks (email, phone, text messages, etc.)
• Understand how information shared online can be exploited by attackers
• Identify warning signs in a suspicious message or situation
• Understand the real risks and impacts of a successful attack
• Adopt good digital security habits in everyday life
• Respond effectively in the event of a phishing attempt or compromise
• Apply essential preventive measures, such as two-factor authentication or incident reporting

Introduction

Understanding the importance of cybersecurity:

• Issues, key figures, recent examples of social engineering attacks.

Internet and social media use

Be aware of the risks associated with online exposure:

• Online presence and exposure of personal data
• Common bad practices (oversharing, geolocation, reused passwords)
• Concrete examples of exploitation via social media (LinkedIn, Facebook, etc.)
• Link with OSINT and victim targeting

Phishing and social engineering

Recognizing and protecting yourself against phishing and social engineering attacks:

• Phishing (email, text message, phone)
• CEO fraud
• Malicious devices (booby-trapped USB drives, etc.)
• OSINT & passive social engineering

The consequences of an attack

Understanding the potential impacts of a successful attack:

• Access to user accounts
• Theft of sensitive information
• Malware (ransomware, stealers, etc.)
• Hacking of IT equipment

Identifying an attack and protecting yourself effectively

Learn to identify warning signs and adopt the right reflexes:

• Warning signs
• Concrete examples
• Reflexes to adopt on a daily basis
• MFA, incident reporting
• How to react if you've been caught out