Program Summary

Thank you for completing the Cyber Crime Awareness Program. We are confident that you have obtained a valuable
amount of information related to Cyber Security and its related best practices in the topics of :

1. INFORMATION HANDLING & PERSONAL INFORMATION

2. SECURE COMPUTING
3. SECURE EMAIL
4. ONLINE SAFETY
5. SOCIAL ENGINEERING TECHNIQUES
6. PHYSICAL SECURITY

This booklet is a summary of all the key learning points and applicable actions that can be beneficial to you, your family
and community .
Importance of Cyber Security
Learning Summary

Overview
This module gives you an
Cyber attacks are a human problem – not introduction to the
necessarily something related to national importance of Cyber
security or an IT issue. Security, who is
responsible and what
Everyone has the power to help prevent a factors could potentially
exacerbate the risk of a
cyber attack.
Cyber Attack – and how
you can personally affect it.
This training will give you the means to help
keep loved ones, friends, and your
organisation safe from cyber attacks.
Data Privacy
Learning Summary
Overview
This module will give you
Awareness of classification of data is pertinent information on
paramount (e.g highly confidential data what attributes should be
should not be shared via email externally). defined in data, and also
where classified
Classified documents should not be stored documents should be
on non-approved storage systems, cloud stored, how you should
drives or USB drives. handle data, and when you
should destroy sensitive
Some data requires specific data material.
destruction, which must be followed prior
to disposal.
Common Threats
Learning Summary
Overview
This module will furnish you
Every cyber attack has a human with a background on
common cyber threats and
component somewhere.
their classification,
providing a foundational
Common threats include: Malware, understanding ready for
further depth later in the
Ransomware and Phishing.
training.

Man-in-the-Middle attacks occur when an

attacker listens to and modifies your
communications.
Reporting Incidents
Learning Summary
Overview
This module will allow you
Report security incidents promptly to your to correctly report security
incidents, and also give you
IT security department.
the background on why this
is an essential part of your
Always immediately disconnect the network every-day job.
cable and turn off WiFi from your computer. Also, this module will give
you the factors to look for
Do not attempt to fix the compromised when you suspect an
device yourself, nor should you shut down incident has happened.
the affected computer.
Cloud Computing
Learning Summary
Overview
This module introduces the
Cloud computing is just someone else’s concept of cloud
computer. It is difficult to be certain who computing, why it is
really has access to your data. popular, as well as the risks
associated with using cloud
Only used approved locations and services services and why they are
when storing work data. If in doubt, ask not always the right
your IT department. solution.

Enable 2 Factor Authentication for any

cloud accounts, to help protect your
account from being breached
Tips While Traveling
Learning Summary
Overview
This module presents you
Do not connect to public Wi-Fi points. with the dangers of
Instead, use private access via a dongle or working whilst traveling –
tethering to your phone. be that using public Wi-Fi
or working in public and
Keep electronic items with you or visible places.
somewhere secure – such as a hotel safe. This module also gives you
the knowledge to protect
yourself from potential
Use a VPN to protect your online threats, whilst traveling and
communications. working, and what to ask of
your organisation regarding
help.
Personal Devices & BYOD
Learning Summary
Overview
This module demonstrates
Best practice is not to mix personal and the consequences of
others gaining access to a
work devices.
personal work device.

If a personal device is used for work, your This module also presents
organisation may install software that the knowledge and
separates work and personal data. guidance needed to
protect and strengthen
Keeping your device up-to-date, alongside your device, should you
encrypting data and having a strong use it for work.
password can all help protect your device.
Passwords
Learning Summary
Overview
This module allows you to
Choose a long password over one that is understand the
overtly complex. Over ten characters is the complexities of choosing a
norm. secure password, why you
need to do so, and what
Password managers are a viable way of other factors you can utilise
to stop a Black Hat
generating secure passwords for websites.
accessing your accounts.

Where possible, use two-factor

authentication, as this creates an additional
barrier to an attacker gaining account entry.
Two-Factor Authentication
Learning Summary

Overview
This module will allow you
Make sure to implement two-factor to recognise the various
forms and parts of two-
authentication for all personal accounts.
factor authentication,
where it is valid, and the
If you receive login alerts and suspect importance of its use.
someone is trying to access your account,
immediately change your password.
If two-factor authentication is not available,
you can still receive email alerts when there
is a login attempted from another location.
Phishing
Learning Summary
Overview
This module the definition
Consider using separate email addresses of phishing, why phishing
for sensitive and non-sensitive accounts attacks occur and theira
and don’t share your address freely. impact. It also teaches you
how to spot phishing
Check the address of the sender carefully emails and what you should
and stop and think before clicking on any do when you encounter
links or attachments embedded in emails. one.

The module also provides

If in doubt, report an email as suspicious to some guidance on how to
your organisation. minimize your exposure to
phishing.
Spear Phishing
Learning Summary
Overview
This module will teach you
Always ask yourself 'does this person really to notice the primary
need this information?' when asked for indicators of a spear
information. phishing attack, along with
who a spear phishing
Verify a person's validity through searching campaign is aimed at and
how to correctly research
for their (or their company's) name online.
validity – and then
successfully report any
Make sure you understand how and when suspected spear phishing
to report phishing to your company’s attempts within your
security team. organisation.
Opening Attachments
Learning Summary
Overview
This module will help you
When a suspicious attachment arrives, understand the tricks that a
check sender, content and whether Blank Hat may use to get
it is something you expect to receive. you to open attachments
and why this is may be a
If in doubt, report the email as suspicious problem.
through your company's security
guidelines. You will also learn what to
do should you receive a
suspicious attachment.
Do not enable macros in documents and
keep system software up-to date.
Spam
Learning Summary
Overview
This module will allow you
Make sure to report spam, as this keeps to understand the
background and definition
both yourself and other colleagues safe.
of Spam, ways to reduce
the possibility of receiving it
Always be cautious in sharing your email – and the potential
when signing up for websites. Do you really consequences for
want to hear from this company? responding to it.

Responding to spam will most likely lead to

you receiving more of it.
Disclosing Sensitive Info
Learning Summary
Overview
This module will give you
Never send passwords via email. Instead the knowledge to choose
utilise a second factor such as SMS or the right methods of
phone call to send a password separately. encrypting and sending
sensitive information online.
Make use of secure file sharing facilities
(provided by your company) when sending Additionally, this module
sensitive documents. outlines what your
company should provide
If you send information to the wrong with regards to secure file
person, contact the appropriate work IT sharing and
troubleshooting, and how
security department for guidance.
you can correctly utilise
this.
Encryption of Data
Learning Summary
Overview
This module will cover the
When browsing websites, ensure you are importance of encrypting
secured with HTTPS. Do not use HTTP data, how and when this
when exchanging sensitive information. should happen in your
workplace, and what steps
Be aware of security threats present on the you can take to ensure
your devices and data are
Internet and keep devices up-to-date.
always secure.

Follow your organisation's policies

regarding BYOD, removable media and
data encryption.
Downloading Software
Learning Summary
Overview
This module covers the
Always ask yourself whether a download is different types of free
software download
essential. If it is not, then do not download.
approaches, such as overt
and covert, and will allow
Keep your anti-virus up-to-date to protect you to learn the barometers
against threats. Your IT department can for when to download,
help for specific software requirements. when to raise a request
and when to reject a
Software should only be downloaded from potential download of
software.
trusted sources, such as app stores.
URL Verification
Learning Summary
Overview
This module will give you
Before clicking on a link, hover or long- the means to know what
press to check the address showing is types of URLs are safe to
correct. navigate to, alongside the
shortfalls of clicking on
Beware of short-links and if in doubt, use unencrypted connections –
an online URL checking service to verify the and how to erase doubt
authenticity of a link. with regards to what is
safe.
Communication with a website should be
encrypted over HTTPS. Do not visit sites
your browser gives you a warning for.
Dark and Deep Web
Learning Summary
Overview
This module will give you a
The Deep and Dark Web are different. You high-level understanding of
cannot accidentally end up on the Dark the Deep and Dark Web,
Web. highlight their differences
and give you an overview
Both the Deep and Dark Web offer places of practices that can lessen
for criminals to hide and perform illicit the chance of your data
business. ending up on the Dark
Web.
Follow cyber safety advice to reduce the
likelihood of your information ending up on
the Dark Web.
Social Media
Learning Summary
Overview
This module will give you
Regularly examine privacy settings, and be the means to use privacy
vigilant not to share location, stories and settings on social media
information with the wrong people. correctly, along with
providing you with the
Limit information you share and avoid outlay to limit sharing
sharing work information on non-approved certain types of information
communication platforms. and picking secure security
questions when setting up
Choose security questions and answers social media accounts.
that are not identifiable via social media.
Laws & Regulations
Learning Summary
Overview
This module will give you a
As an Internet and electronic device user, background in Cyber Laws,
information on pertinent
you need to know about cyber laws.
local laws, and what should
be considered to avoid
Cyber laws provide protection against breaking any cyber laws.
cyber crime – oftentimes tweaking existing
laws to apply them to electronic devices.
There are various local laws surrounding
cybercrime you should familiarize yourself
with
Identity Theft
Learning Summary
Overview
This module demonstrates
Enable 2 Factor Authentication to protect why identity theft is a major
accounts, even if an attacker manages to problem and some of the
obtain your password. activities an attacker may
try and undertake to obtain
Shred documents in a cross-cut shredder or use your identity.
or provided secure disposal container. The module also provides
tips on how to improve
Be cautious of any information you share your protection against
online, especially if that data could be used identity theft.
to identify you personally.
Shoulder Surfing
Learning Summary
Overview
This module will help you
Try and avoid working in public areas such understand the correct
as coffee shops or on a plane. Be aware of definition of Shoulder
your surroundings and of those around you. Surfing and where you
might be vulnerable to it, as
Install a privacy filter on your screen, which well as how to minimise the
helps to limit viewing to only the person risk of a successful
sitting in front of said screen. Shoulder Surfing happening
to you.
Make sure to check the Security Tips While
Traveling module for more tips on
maintaining security whilst out of the office.
Phone Call Scams
Learning Summary
Overview
This module will give you
When receiving unsolicited phone calls, the background on the
always be cautious of who you are talking techniques a Black Hat will
to. use to commit a cyber
attack via phone call. It will
Do not give out sensitive information such also dive into the reasoning
as passwords or credit card information behind the Black Hat's
when people ask for them over the phone motives, the consequences
for you, and the steps you
Don’t be pressured in to decisions over the can take to negate a
phone. If you believe a phone call to be potential attack.
suspicious, simply hang up.
Removable Media
Learning Summary
Overview
This module will give you
Where possible, avoid using USB drives to an outlay of the perils of
transfer information. Your organisation using USB drives in the
should have a secure file transfer facility. workplace, and the steps
you can take to avoid
If a USB is used to transfer documents, having to use them – or
make sure that the drive and/or files are indeed the workarounds,
encrypted. should you have to utilise
them.
Ensure that your anti-virus is up-to-date to
protect you from infected USB drives.
Internal Threats
Learning Summary
Overview
This module will provide
Make sure to understand and follow your you with information on
insider threats to an
organisation's security policies.
organisation, the two forms
that an insider threat can
Your organisation will have specific take, and, most importantly,
procedures to follow when you suspect a how you can ensure you
serious security incident has occurred. avoid becoming a negligent
employee.
Treat sensitive information on a 'need to
know' basis; also, reduce its circulation.
Tailgating & Visitor Control
Learning Summary
Overview
This module will allow you
Increase vigilance by looking out for to spot the signs and
tailgaters and people behaving suspiciously tactics of a Black Hat
near buildings. seeking to gain access to a
secure area, via tailgating.
Challenge potential tailgaters; or, if not
confident enough, raise an alert to the Also, you will learn how to
security team, who will then do a check. lessen the potential for
tailgating by employing
relevant checks and daily
Keep your ID badge visible at all times in procedures.
the workplace, and safe when not.
Clean Desk Policy
Learning Summary
Overview
This module will highlight
Clean all items from your desk at the end of how easy it is for an
each day, securely destroying or locking intruder to steal sensitive
away any sensitive materials. information from a messy
office.
Never leave sensitive or classified material
unattended at your desk, even if only for a You will learn why it is
short time. important to have a clean
desk and meeting room
When using meeting rooms, remove policy and how to ensure
sensitive information from whiteboards your desk does not fall foul
of these policies.
prior to leaving
Dumpster Diving
Learning Summary
Overview
This module will introduce
Dumpster diving involves searching through you to Dumpster Diving,
disposed documents and devices such as what it constitutes and how
old computers, phones and USB drives. it could potentially affect
you in the workplace. It
Paper materials should be cross-cut also delves into what
shredded through a device in the devices can be restored for
workplace or with secured containers. information and where
electronic devices should
Dispose of electronic devices with your be disposed of within your
organisation.
organisation's security department.
Badge Cloning
Learning Summary
Overview
This module will dive into
Do not share you badge, and keep it safe the situations where badge
when not in the work building – especially cloning is most likely to
after work hours and in public places. occur, and therefore raise
your awareness of how to
Immediately report a potentially cloned or avoid it.
lost badge to security. They will issue a
new badge and deactivate the old one. Additionally, this module
will tell you what to do,
Temporary Passes (e.g Visitors Badges) should your badge be lost
should be recollected and destroyed at the or stolen.
end of meetings.