Phishing attack simulation using Packet Tracer is a critical exercise in understanding and defending against cyber

threats.

Question $1$

Imagine you are tasked with designing a simulated phishing awareness exercise for your organisation's employees as part of a cybersecurity training program. Your goal is to educate employees about the dangers of phishing attacks and to test their ability to identify and respond to suspicious emails.

Instructions:

Scenario Description

Begin by describing a fictitious scenario in which your organisation's employees would receive a phishing email. Provide details such as the context, the sender$\text{'}$s identity, and any relevant information about the organisation. This should be a realistic scenario that employees might encounter in their work environment. $[5]$

Email Content

Design a simulated phishing email containing a link to a malicious webpage or attachment that fits the scenario you've

described. Furthermore design the mock$-$up malicious webpage and attachment. The email should contain typical elements of a phishing attempt, such as a malicious link or attachment. Craft the email to be convincing but not malicious, ensuring that it does not pose a real threat. Include elements that employees should be cautious about. Submit an image of both the email and the malicious page or attachment under this heading. $[20]$

User Response

Describe what actions you expect employees to take upon receiving the phishing email. This could include steps they

should follow to report the suspicious email or verify its legitimacy. $[5]$

Analysis

Explain the educational and awareness objectives of this exercise. Discuss how you will measure the success of the

exercise, such as tracking the percentage of employees who correctly identify the phishing attempt and report it$.[5]$

Reflection

Finally, reflect on the ethical considerations of conducting such exercises within an organisation. Discuss the importance of obtaining informed consent from participants, ensuring their emotional well$-$being, and maintaining a constructive learning environment. $[10]$

Grand Total: $45$ End of Formative Assessment $3$