April 27, 2023
 
Cyber security is a growing and significant risk to our organization. We need everyone to help us stay protected by identifying and reporting potential threats, such as phishing, malware, ransomware, and spyware. These are all significant threats that could jeopardize important business data and systems by participating in phishing simulations.

There are two important things we need you to do:

  1. If you get an email that looks like phishing, report it. Here’s how:Microsoft 365 Outlook – With the suspicious message selected, choose Report Message from the ribbon, and then select Phishing. This is the fastest way to report it and remove the message from your Inbox, and it will help us improve our filters so that you see fewer of these messages in the future.

    outlook.office.com – Select the check box next to the suspicious message in your outlook.office.com inbox. Select the arrow next to Report, and then select Report Phishing.

  2. Complete the required cyber security training courses.
    You may recall doing on-line cyber security learning courses last year. To continue building awareness of cyber security threats such as phishing, all CH staff have access to two required, bite-sized on-line cyber security courses:
    1. Introduction to Cyber Security
    2. Phishing Awareness.

A third course called Ransomware Awareness will be offered starting at 8:00 AM on April 28, 2023. It should take about 15 minutes to complete. A link to the course will be sent to you through email on your Christian Horizons account. To login to the training use the same username and password you use to access your Christian Horizons email account.

We are asking everyone to complete the Phishing Awareness course before Monday, May 1, 2023. After that you will receive emails in your inbox to test your ability to identify phishing attacks. A simulated phishing campaign is when a company sends fake, malicious-looking emails to its staff to gauge how they react.

A pop-up PDF, similar to the above graphic will notify the team member immediately if they engage with the phishing simulation and direct them to do a second Phishing Awareness training. The goal of the simulated phishing effort is learning, not to catch and punish people. If you have successfully completed the Phishing Awareness course, you should have the necessary knowledge to identify phishing emails and submit them via the “Report Message” or the “Report” button respectively in the Microsoft 365 Outlook client or outlook.office.com to the IS&T Department.

If you have any questions or concerns, please do not hesitate to contact the IT Help Desk (VPN required).

Kind regards,
Bert VandeKuyt, IT Security Manager