Compliance

1234567891011121314151617
Across
  1. 2. A fake business email, often involving invoices, vendors, or wire transfers.
  2. 6. The right action when something feels suspicious, even if it turns out to be nothing.
  3. 7. A phone-call phishing attack where someone may impersonate IT, a manager, or a vendor.
  4. 9. Extra account protection that requires more than just a password.
  5. 10. A phishing attack sent by text message or SMS.
  6. 12. The quick test: Surprising, Time pressure, Outside process, Personal ask.
  7. 13. When attackers make an email, account, phone number, or website look real.
  8. 15. A tool type that can help work, but should not receive sensitive company data unless approved.
  9. 16. Protection to use when working on public Wi-Fi.
  10. 17. A phishing attack that uses a QR code.
Down
  1. 1. A tool or service provider that needs review before use.
  2. 3. Personal information such as name, email, address, phone number, or SSN.
  3. 4. A fake message designed to trick you into clicking, logging in, or sharing information.
  4. 5. A common social engineering tactic that pressures someone to act quickly.
  5. 8. One weak one can expose far more than one account.
  6. 10. Single Sign-On; reduces the number of separate passwords employees need.
  7. 11. The password manager employees should use for work accounts.
  8. 14. Controlled permission to systems, tools, or company data.
  9. 16. What you should do before acting on an unexpected request.