Full Text
Attention: You have fallen for an authorized simulated email phishing attack that was coordinated by the City of Cody and the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA). What is a Phishing Attack? Phishing is a form of social engineering. Phishing attacks use email or malicious websites to solicit personal or company information by posing as a legitimate organization. For example, an attacker may send email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts. Attackers may use these same methods to obtain information about an organization in an attempt to compromise its computer systems. What Should You Do Now? First—please do not share with others that an email phishing campaign is underway. Your organization’s Information Technology (IT) Department would like to acquire an accurate assessment during this campaign. Do check with the City of Cody’s IT staff if you have concerns about the legitimacy of this exercise. Second—no one will be individually identifiable during this campaign. The Department of Homeland Security is conducting this campaign and does not reveal individual email identities. The sole objective is to educate. Follow the City of Cody’s standard procedure for dealing with suspected phishing emails by opening a support ticket at support.codywy.gov or emailing [EMAIL REDACTED] to alert the IT Department. SIMULATED PHISHING EXERCISE Upon completion of this email phishing campaign, the City of Cody’s IT Department will share statistical results and continue to distribute information on how to avoid becoming a victim of an email phishing attack.