Unauthorized access to sensitive business and customer data.

Falling victim to phishing attacks can damage a business reputation, customers may lose trust in the organization’s ability to protect their information.

System Crashes, Slow Performance or Disabling Critical Services and Application

Through the theft of financial information, fraudulent transactions or ransom demands.

Inaccessible until ransom is paid. If backups are not available or compromised. Business may permanently lose data.

“malicious software” designed to disrupt, damage or gain unauthorized access to computer systems or networks.

Primary goal of ___ is to compromise the security and integrity of system, steal sensitive information, enable unauthorized access, can be spread such as infected email attachments, compromised websites, malicious downloads, or removable media.

MALWARE short for “___” designed to disrupt, damage or gain unauthorized access to computer systems or networks.

___ rely on user action or human intervention to spread. Propagation: File sharing, email attachments, infected removable media (flash drive), executing infected programs.

___ encrypts files or locks down computer systems, rendering them inaccessible to users until a ransom is paid.

____ capture and record keystrokes made by a user’s, enabling attackers to obtain sensitive information, password, credit card details and other confidential data.

____ is a common tactic used by cybercriminals to trick individuals into revealing sensitive information, such as login credentials or financial details.

(email or text messages) - requesting personal information such as account numbers, passwords, PIN or pretext account verification.

(emails or advertisements) - these messages may offer exclusive deals or discounts. Enticing recipients to click on malicious links.

(emails sent to job seekers) – offering lucrative job opportunities with well-known companies or abroad. Requesting passport details, bank account for employment verification.

(target users of popular social media platforms) - victims receive messages that appear from the official support team, claiming account security issues or unauthorized access.

(emails or messages) - impersonating government agencies in the Philippines are sent to individuals claiming urgent notifications, tax, refunds or penalties

____ refers to risks posed by individuals within an organization who have authorized access to sensitive data and misuse it intentionally or inadvertently. This can include employees, contractors, or partners with access to critical systems or information.

intentionally exploit their access privileges to carry out harmful activities. Include theft, unauthorized disclosure of sensitive data, sabotage of system.

unknowingly or carelessly compromise security through their actions or lack of adherence to policies and procedures.

access credentials have been compromised, either through external hacking or insider collusion.

___ intentionally steal confidential information such as customer records, intellectual property, with the intention of selling or using it for personal gain or to benefit a competitor

misuse their privilege access rights to gain unauthorized access to systems, database or accounts, potentially for malicious purpose.

This can be motivated by revenge, dissatisfaction by revenge, dissatisfaction or as an act of protest.

intentionally or unintentionally shares sensitive or confidential information with unauthorized individuals or the public such as social media, personal email accounts or communication channels.

accidentally sending confidential information to the wrong recipients, leaving sensitive documents unattended.

leverages human psychology to manipulate individuals into divulging sensitive information or performing actions that compromise security. It often involves impersonation, manipulation, or exploiting trust to gain unauthorized access.

attackers make phone calls pretending to be from a trusted organization or authority.

create fraudulent websites that resemble legitimate ones.

attackers pose as technical support, contact individuals claiming that their device is infected or experiencing issues.

impersonate someone else to gain trust and deceive individuals.

leave physical or digital in public spaces like flash drive, CD or download links.

exploit people’s goodwill by creating fake charity organization.