1 / 6
Cyber-aware behaviors: phishing, social engineering, scams
In this lesson
Cyber-aware behaviors: phishing, social engineering, scams
Classify common digital threats (phishing, smishing, vishing, business email compromise) by their attack vectors and social engineering tactics, distinguishing characteristics that
You'll be able to
- Classify common digital threats (phishing, smishing, vishing, business email compromise) by their attack vectors and social engineering tactics, distinguishing characteristics that make modern phishing emails difficult to detect even for trained professionals [^3][^4].
- Evaluate the effectiveness of organizational cybersecurity awareness programs by applying CISA's Culture of Cyber Readiness framework, specifically assessing how staff training reduces susceptibility to phishing and business email compromise [^2].
- Apply the NCSC Cyber Aware action plan to real-world scenarios, demonstrating how password differentiation, multi-factor authentication, and vigilance practices mitigate phishing risks in AI and cloud production environments [^1][^2].
- Analyze phishing email campaigns by extracting structural features, NLP indicators, and contextual cues (such as spelling errors, requests for sensitive information, and deviations from expected sender behavior) to predict user susceptibility and inform training prioritization [^3][^4].
- Create incident response protocols that integrate CISA's Essential Elements (staff awareness, system protections, access controls, data backups, and crisis response) to limit damage and restore operations following a successful phishing attack [^2].