A VPS Sandbox serves as a crucial line of defense by creating an isolated environment

Receive Email: This stage represents the initial contact point where an employee receives an email. In the context of phishing prevention training, this step is critical as it determines how well an employee can identify potential phishing attempts from normal correspondence.

Open link: At this step, if the received email contains a hyperlink, the decision to click it is made. This action is crucial within our training simulations as it tests whether the employee can discern between safe and malicious links based on the email’s context and prior awareness training.

Is Virtual Private Server or Sandbox used? This decision node evaluates whether the link from the email is opened in a safe, isolated environment such as a Virtual Private Server or a sandbox. This is a best practice in secure environments to prevent potential threats from reaching the main network.

No isolation: Reflects the scenario where there is no use of isolated environments to assess email links, increasing vulnerability to potential phishing attacks. This teaches the importance of using protective measures before interacting with suspicious links.

Open link in isolated environment: Indicates the proactive action of opening a suspicious link in a controlled environment to ensure that any potential threat is contained and does not affect the user’s real operating environment. This step is essential in training sessions to promote cautious handling of unknown links.

Is phishing site accessing information? This decision point asks whether the phishing site, after the link is opened, is attempting to access sensitive information. It emphasizes critical thinking about the behavior of the websites accessed via suspicious emails.

Prevent access: This stage involves taking measures to prevent further access by the phishing site to any information. It highlights reactive measures in phishing defense, critical in minimizing damage post-identification of a phishing attempt.

Information secure: This final point underlines that the information remains secure after all the appropriate cybersecurity practices and checks were implemented successfully. It is a key outcome in our phishing prevention training, indicating successful identification and mitigation of a phishing attack.

In the provided workflow, employees are guided through a structured response to potential phishing attacks, ensuring they have the knowledge and tools needed to protect sensitive information. Each step of the workflow—from receiving an email to ensuring information security—plays a vital role in a robust phishing defense strategy, accentuating the importance of a proactive and aware organizational culture regarding cybersecurity.