Over the next year, NYCHA’s IT Department will roll out a state-of-the-art security awareness training program proven to reduce phishing attacks and malware infections by up to 90 percent. Through quizzes, mock phishing attacks, and interactive training, employees will learn how to better handle this growing menace to help keep NYCHA, and themselves, more secure. The program will also help the IT Department assess and address any security deficiencies at NYCHA.
Here’s what it involves:
Mock Phishing Emails (Phase 1)
Phishing emails are fraudulent messages that:
- Request personal information (e.g., credit card and bank account info, passwords); or
- Ask you to click on a link or attachment that you should not click (because it could unleash a virus or malware).
In the coming weeks, IT will send test phishing emails to assess the ability of everyone using NYCHA’s network to recognize and delete phish. The test results will help determine the best training for our organization.
Education (Phase 2)
IT will roll out 10-minute, interactive, online training modules to help employees learn secure behavior, like how to avoid phishing emails. The training should be completed within 30 days of assignment.
As a reminder, if you receive a suspicious email:
- Contact Information Security & Risk by calling (212) 306-8006 or sending an email to firstname.lastname@example.org.
- Delete the suspicious email from your mailbox without clicking on any hyperlinks or attachments.
Please email email@example.com with any questions.