Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Do you really want to delete this prezi?
Neither you, nor the coeditors you shared it with will be able to recover it again.
Make your likes visible on Facebook?
Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.
Transcript of Workshop
What Happens When You Get Phished?
What is Phishing?
Slide 1 Phishing Workshop
Slide 2 Overview
Slide 3 Content
Slide 4 What We Will Learn From This Workshop
Slide 5 About Bechtel
Slide 6 Needs Assessment
Slide 7 Person and Needs Analysis
Slide 8 Appropriate Needs Assessment Techniques
Slide 9 Phishing Drill
Slide 10 What is Phishing
Slide 11 What Happens When You Get Fished?
Slide 12 Business Impact
Slide 13 Recognizing Phishing Websites
Slide 14 Recognizing Phishing Emails
Slide 15 Did You Catch That?
Slide 16 Did You Catch That?
Slide 17 Evaluation Overview and Pre-Test
Slide 18 Phishing Evaluation
A global leader in engineering, procurement, construction, and project management.
Founded in 1898
Bechtel is the world's No. 1 choice for engineering, construction, and project management.
Worked on more than 25,000 projects in over 160 countries
More than 53,000 employees
$37.9 billion revenue in 2012
New contract awards valued at $23.9 billion.
Despite multiple, widely publicized cyber-attacks that have resulted in personal, corporate data and
direct financial losses reaching nearly $1 trillion dollars
, most companies still do not have adequate protection against phishing attacks.
Executives ignore, downplay or misinterpret the enormous threats these attacks represent.
When you get phished,
have effectively given the attacker a
for stealing something.
Brought to you by:
The act of
a trustworthy entity in an
to trick a person into taking an
that enables a theft of sensitive information
Bechtel User Name and Password
Financial Account Numbers and Personal
are what stands between the attackers and the private information on our internal network.
Impact on Bechtel's Business
It could damage Bechtel's reputation in the eyes of our current and potential customers.
This in turn could damage our competitiveness in the marketplace and lead to lost work.
Most securely breaches result in tangible costs, upwards of $10 million, which could negatively affect Bechtel's profitability.
What We Will Learn in This Workshop
How to Recognize and Respond to Phishing Attacks in Emails
How To Recognize and Respond To Phishing Websites
How to Report Suspected Phishing Attacks at Bechtel
Where to Go for More Information
Recognizing Phishing Websites
• How does phishing threaten our talent base?
• How will this training and development help meet my business goals?
Person and Task Analysis
. No padlock in address bar
Publicly available logos
Sense of urgency
Recognizing Phishing Emails
• What do our current employees do to accomplish our business objective?
• Who should be trained, manager, professionals, or core employees
• How will this training make a difference in product quality or customer service?
• What task should the employee be trained in?
1. Sense of urgency
2. Meaningless positions of
word 'Bechtel' in web address
3. Publicly available graphics
Appropriate Needs Assessment Techniques
Historical data review
Focus groups and collaboration tools
Did You Catch That?
Is this phishing?
Point it out?
Is this phishing?
Point it out?
Did You Catch That?
Evaluation Overview and Pre-Test
: Occurs after the final version of instruction is implemented. This type of evaluation
assesses the overall effectiveness of the instruction
. Data from the Summative Evaluation is often used to make a decision about the instruction.
Results show training needs.
People around the world in different offices responded negatively, raising the issue of possible phishing schemes.
Whether or not you are able to recognize the phishing emails or websites given throughout the presentation.
If the company sends a fake email in order to observe how many people respond after the training, would you fall for it?
Can you successfully pinpoint attempted phishing schemes?
Based on the quizzes and information given students were able to
successfully identify the differences between phishing email/websites, and legitimate emails/websites.
We tricked the employees into taking action
in a phishing test without them knowing.
Click the link in the email
Enter user name and password
What Questions Do You Have??
For more information call our hotline: 1-800-BEC-FISH
Or email: firstname.lastname@example.org
Transfer of Training
We at Bechtel want to make sure that our resources are protected at all times and to do so we will be:
Send quarterly reminders.
Follow up on emails and concerns sent to our website and hotline.
Everyone in this class is a professional, if you believe you have received an email that raises a red flag please send it to our staff:
Like stated before
are the only thing between the hacker and our internal systems.
Plan Time Allotted
Slide 1 - 4 5:30 2
Slide 5-8 5:32 3
Slide 9-12 5:35 3
Slide 13 - 16 5:38 4
Slide 17 - 18 5:42 3
Wrap-up questions 5:45