SANS Assessment of Student Learning Plan (ASLP) Security Awareness Training


Enhance your understanding of SANS ASLP Security Awareness Training with flashcards and multiple-choice questions, each offering hints and explanations. Prepare effectively for your exam!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!



If you receive an email from the ITS department asking for a password change and notice the link is untrustworthy, what should you consider it to be?

  1. Spam

  2. Ransomware

  3. Phishing

  4. Legitimate

The correct answer is: Phishing

When you receive an email that asks for something sensitive, such as a password change, and contains a link that seems untrustworthy, it should be considered phishing. Phishing is a form of cyber attack that attempts to trick users into revealing sensitive information, such as usernames, passwords, or credit card details, often by masquerading as a trustworthy entity.

This scenario fits the definition of phishing because the email appears to come from a department you would expect legitimate communication from, which can be used to manipulate you into clicking a link that potentially leads to a malicious website. The untrustworthy link is a significant red flag, indicating that the email is likely an attempt to steal your credentials or compromise your security.

Labeling it as spam would not accurately reflect the nature of the threat: spam typically involves unsolicited emails that do not usually attempt to extract personal information and may simply be irrelevant or promotional. Ransomware refers to malicious software that encrypts data and demands payment for unlocking it, which does not apply to this scenario. Declaring it legitimate is misleading, as the warning signs indicate that it is a potential cyber attack. Recognizing it as phishing allows individuals to respond appropriately, such as by deleting the