Your company is participating in a Cyber Security Education Program.

This Social Media Policy Phishing Attack included the following social engineering techniques:

1. Spoofed email name (example: on behalf of <executive>).
2. Urgency to act ("Accept Terms").
3. Simple clean email to minimize suspicion.
4. Link to allow you take action attacker wants ("Social Media Policy").

How to spot this was a phishing email:

1. Was this an email you expected to receive? No - Be cautious
2. Did this email (address) come from someone from management you know?
3. You should reach out to management if in doubt.
4. The sender named email address was not associated with your company.
5. Example: social@<domain.com> not associated with your company.
6. The link provided used suspicious domain similar to above.