/
All Behaviours > SB161b Reports a simulated phishing email
SB161b Reports a simulated phishing email
Reporting phishing emails notifies IT or security teams that employees are being targeted by cyber attackers. Employees who report phishing emails reduce organisation's information security risk by ensuring that appropriately trained people can take steps to minimise the harm the potential cybercriminals can do.
Why is it important?
Reporting a simulated phishing email is important as it ensures these emails are checked out by your IT or security team and shows a positive security behaviour.
Priority Tier
Behaviours in SebDB are ranked by their impact on risk. Tier 1 behaviours have the biggest impact, Tier 4 behaviours the least.
Risk Mitigated
Account Compromise
Account compromise happens when unauthorised people access them.
Data Theft
Data theft is the intentional stealing of data.
Data Leak
A data leak is when data is accidentally or intentionally disclosed to unauthorised people.
Further reading
https://www.frontiersin.org/articles/10.3389/fcomp.2021.563060/full
https://www.ncsc.gov.uk/collection/phishing-scams/report-scam-email
https://consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams