SB161b Reports a simulated phishing email
Reporting phishing emails notifies IT or security teams that employees are being targeted by cyber attackers. Employees who report phishing emails reduce organisation's information security risk by ensuring that appropriately trained people can take steps to minimise the harm the potential cybercriminals can do.
Reporting a simulated phishing email is important as it ensures these emails are checked out by your IT or security team and shows a positive security behaviour.
Behaviours in SebDB are ranked by their impact on risk. Tier 1 behaviours have the biggest impact, Tier 4 behaviours the least.
Account compromise happens when unauthorised people access them.
Data theft is the intentional stealing of data.
A data leak is when data is accidentally or intentionally disclosed to unauthorised people.