on behalf of:

Oh no, that was a
phishing mail : (


But don’t worry, this is not a real phishing mail. We wanted to check if you can recognise phishing mails by now.

If you want, you can read how to recognise phishing mails and how to deal with a phishing mail.

You can find more courses on the topic of Cyber Security on PM eLearning.
Phishing mails often reveal themselves through specific characteristics

In general, caution is advised with foreign sender addresses. As soon as an e-mail requests data, red flags should be raised. Criminals use phishing mails to collect sensitive information to misuse it.

But be careful! Not every phishing mail is the same. The more criminals already know about a person, the better the phishing mail can be tailored to their target.

What are phishing mails?

Phishing is a scam via telephone, websites or email.

Criminals ‘fish’ for sensitive data such as login details and manipulate their targets with scary notifications.

Criminals use the data to ‘get a foot in the door’ of company systems.

Why are phishing mails a risk for companies?

Criminals want to gain access to systems and information. Two typical approaches are

The phishing mail refers to a fake website where, for example, login details are entered and thus fished out.

Malware-infected file attached to the phishing email or a link to the file, which infects the computer and connected networks and opens a ‘back door’ for criminals.

What role do phishing mails play for me?

Not every phishing mail is recognised as such by the spam filter or firewall. That is why all IT users are called upon to close any security gap.

You can make a valuable contribution and support your colleagues by recognising phishing mails as such and not falling into the trap.

You are also well advised to be protected against phishing in your private life. Phishing mails also find their way into private mailboxes and can harm private individuals in the same way. After all, your private devices, photos, messages or (user) accounts do not belong into other hands.

What do I do if I receive a phishing mail?
  • Delete the phishing mail
  • Inform the IT department
  • Warn colleagues
  • Unsure? Ask the IT department
  • Under no circumstances enter data on a linked website
  • Do not open links in phishing mails
  • Never save or open file attachments on the computer
  • Do not reply to the phishing mails

Do you still have questions about the phishing simulation?

Your employer wants to make you and your colleagues aware of the risks of phishing mails. Therefore, the CSX team has received your mail address so that we can send you phishing mails.

Beforehand: There is nothing wrong if you open the link. After all, you are supposed to learn about phishing on this website.

The phishing simulation registers whether the phishing mail or the link was opened. But the data is collected anonymously and cannot be assigned to any person. The data is collected to check whether the simulation has reached all participants.

Your company therefore does not find out that it was you who opened the phishing mail.

Phishing mails are an increasingly common phenomenon and problem – this applies to both the corporate and private spheres. Since technical security measures alone cannot provide a remedy, IT users must be made aware of the dangers and sensitized.

Raising awareness also offers great added value for you privately when you recognize phishing mails. After all, IT security and data protection are essential for protecting yourself from fraudsters and data misuse.