NYCHA Now

NYCHANow chronicles the hard work of the men and women who make the New York City Housing Authority run, reporting the latest news and happenings.

NYCHA Now
Cyber awareness training characters
IT News and Notes June 2019 

New Cyber Awareness Video Training

Michael Corwin

NYCHA’s cyber awareness training program now includes monthly video training and fake phishing attacks from the NYC Cyber Command (NYC3).

Monthly video training

Beginning June 17, 2019, the NYC Cyber Command will email you a secure link every month, giving you access to your secure library of training videos. To complete your assignment and earn a badge for knowing how to stay safe, click the secure link, watch a quick video, and answer a question about the month’s topic.

The characters in the video training must decide whether to listen to Human Error or Sound Judgement. Human Error is sloppy and always dressed in pajamas and a robe, while Sound Judgement gives the intelligent answer and usually loses to Human Error. The scenarios are funny and engaging.

Get ready for NYCHA’s latest cyber awareness training experience

  1. Every month, NYCHA LAN users will receive an email from the NYC Cyber Command with a secure link.
  2. Click the link to access your secure library of clever cyber awareness training videos.
  3. Watch a quick video and answer one question about the month’s topic.
  4. Complete your assignment and earn a badge for knowing how to stay safe.

Fake phishing attacks

Phishing attacks against City employees continue to increase in frequency and sophistication. Even with technical controls, phishing emails slip through and reach our end users. Everyone using NYCHA’s email, networks, and applications needs regular training and reminders about how to recognize and report attacks.

When our employees fall for a real phishing email, there can be significant negative impact to information, privacy, resources, finances, work load, and reputation. NYC3’s Anti-Phishing Program identifies who is susceptible to phishing attacks by providing phishing tests approximately monthly to all our users. If you fail the test (e.g., by clicking a link or providing information) you will receive a simple training pop-up to better understand how to avoid and report a phishing attack. Test phishes are based on current real-world attacks. Training is customized to demonstrate specific knowledge.

If you receive a suspicious email

  • Call NYCHA’s Information Security & Risk team at (212) 306-8006.
  • Report the suspected phishing email:
  1. With the suspected phishing email highlighted or opened, hit CTRL-ALT-F.
  2. Enter phish@cyber.nyc.gov as the recipient and click send. You’ve now forwarded the email, with required tracking information, as an attachment to the NYC Cyber Command Security Operations Center for analysis.
  3. Delete the suspicious email from your mailbox without clicking on any hyperlinks or attachments and delete it from the Deleted Items folder.