A phishing attack recently targeted our organization. This 5-minute training is based on what actually happened — and what you need to know to stop it.
⚠ Real Incident — Action Required
Microsoft 365 Defender quarantined multiple phishing emails sent to staff using the subject "Signature Required – 2026 Employee Agreement." You may receive a quarantine notification. Do NOT release the email without IT Security approval.
⏱ ~5 minutes🎓 7-question quiz📋 Certificate on completion🔒 Mandatory for all employees
MODULE 01
The Real Incident
~45 sec
MODULE 02
What Is Phishing?
~45 sec
MODULE 03
Spotting the Attack
~60 sec
MODULE 04
Red Flags
~45 sec
MODULE 05
Quarantine Alerts
~30 sec
MODULE 06
Your Required Actions
~30 sec
MODULE 07
Knowledge Quiz
~60 sec
MODULE 08
Certificate
~25 sec
Module Training
PHISHING AWARENESS
Watch the full training video below. Use the chapter list to jump to any section. Complete all modules to unlock the quiz.
🚨
WE WERE TARGETED
Microsoft 365 Defender recently detected and blocked multiple phishing emails sent to staff across our organization.
"Signature Required – 2026 Employee Agreement"
🎣
WHAT IS PHISHING?
Attackers send convincing fake emails — the bait — hoping you'll click a link or hand over your password. If you do, they've caught you.
A single click can put the entire organization at risk.
👩💻
MEET SARAH
Monday morning. An email lands: "Signature Required." The sender is hr-team@company-docs.net — not our real domain. There's a link. Deadline: today. Sarah pauses. Thinks. And reports it.
Sarah protected the whole company.
🚩
6 RED FLAGS
Unexpected request · Unusual sender domain · Urgency ("act now") · Password request · Suspicious link · Spelling errors. If you spot any one of these — stop and report.
IT Security will NEVER ask for your password by email.
📥
QUARANTINE ALERTS
You may receive a Microsoft 365 quarantine notification. The notification is legitimate. But the quarantined email may be malicious.
Do NOT release quarantined emails without IT Security approval.
✅
YOUR REQUIRED ACTIONS
1. Don't click suspicious links or attachments. 2. Don't enter passwords from email links. 3. Report to IT Security immediately. 4. Delete after reporting. 5. If you clicked — call IT now.
vgreens-security-academy.pages.dev
📝
TEST YOUR KNOWLEDGE
You've completed all 6 training modules. Now test what you've learned with a short 7-question quiz. You need 5/7 to pass.
Training complete — take the quiz!
Module 1 — The Real Incident0:00 / 5:20
Course Chapters
01The Real Incident0:45
02What Is Phishing?0:45
03Story: Meet Sarah1:00
04Red Flags to Watch For0:45
05Quarantine Notifications0:30
06Your Required Actions0:30
07Complete — Take the Quiz—
Real-World Examples
SPOT THE PHISH
These examples are based on actual phishing techniques. Each one contains red flags — see if you can spot them before reading the tags.
From:⚠ hr-noreply@company-docs-online.net (NOT our real domain)
Dear Team Member,
As part of our annual compliance process, all employees are required to review and sign the 2026 Employee Agreement.
This must be completed by end of business TODAY to remain in compliance.
Please click below to review and sign:
[ CLICK HERE TO SIGN YOUR AGREEMENT ]hxxp://employee-docs-sign.malicious-site.com/agree2026
If you have questions, contact us at hr@company-docs-online.net
Best regards,
Human Resources Department
⚠ Wrong Domain⚠ False Urgency⚠ Unexpected Request⚠ Suspicious Link⚠ Not From IT/HR
Subject:ACTION REQUIRED: Your account will be locked in 24 hours
Hello,
Our security system has detected unusual login activity on your Microsoft 365 account.
To prevent your account from being locked, you must verify your password immediately.[ VERIFY PASSWORD NOW ]hxxp://m1crosoft-verify.support-login.net/reset
If you do not complete this within 24 hours, your access will be suspended.
IT Security Team
⚠ Fake Microsoft Domain⚠ Password Request⚠ Extreme Urgency⚠ IT NEVER Asks Passwords⚠ Suspicious URL (m1crosoft)
Hi,
I need you to process an urgent wire transfer of $14,750 to one of our new vendors.
This is time-sensitive and confidential — please do not discuss with other staff until it's complete.
Vendor banking details:
Account: 8823-4491-XX | Routing: 0612-XXXX
Let me know once done.
Thanks,
James (CEO)
⚠ CEO Impersonation⚠ Secrecy Demand⚠ Urgency⚠ Financial Request⚠ Wrong Domain
Golden Rule
IT Security will NEVER ask for your password via email. Any email requesting your password is always a phishing attempt — always.
Knowledge Check
QUIZ
7 questions based on your training. You need 5/7 to pass and receive your certificate.
🏆
Training Complete
WELL DONE!
You have successfully completed the Phishing Awareness & Email Safety training course based on a real incident.
7/7
Quiz Score ✓ Passed
Completed: May 11, 2026
🔴Never click suspicious links or attachments
🔐IT Security never asks for passwords by email
📣Report suspicious emails immediately
🗑️Delete after reporting
📥Don't release quarantine without IT approval
🚨Clicked a link? Call IT Security now
Remember
A single click can put the entire organization at risk. You are the last line of defense.