Cybersecurity Simulation
Hello, I am Álvaro and I belong to the HR department.
I am an expert cybersecurity bot and I am here to help you
start
* EDIT OR DELETE THIS LOCUTION
What will we learn?
In this session, we will learn about the fundamental aspects that will help us avoid cybersecurity attacks on accounts and devices.
Keys
Use strongand unique passwords
Activate two-stepverification
Keep your operating system and antivirus
Always check the sender and links before clicking
Do not share personal datawithout being sure of the recipient
continue
Context
You are working normally when you start receiving suspicious emails and messages. Some seem to come from your bank, others from the accounts department, and one even appears to be from your company's IT department. You don't know whether to open them… So, you decide to consult the bot with some questions about a possible cybersecurity attack on your account.
continue
Bot, I just received a somewhat suspicious email. It appears to be from the technical support department, but I'm not sure if it's real or could jeopardize my account's security.
Okay, let's review it. Can you provide me with the email you received? I need to analyze it in detail.
email
📧
continue
What conclusions can we draw from this email?
After carefully analyzing the email, what do you think about its legitimacy?
The email includes several concerning signals: an executable file .exe, an urgent action request without prior confirmation through other channels, and a generic sender without a real name or signature. These elements combined are typical in malware attacks and impersonation scams.
Although the message mentions urgent an update, it is common for the technical department to send this type of instructions. The email appears well written, and there are no spelling errors, which lends it legitimacy.
The confirmation request after executing the file indicates follow-up by the sender, which suggests it is an official procedure. The tone is formal and technical, so it does not seem suspicious.
continue
Wow! It seems to be a cyberattack on my email account.
Yes, you should strengthen security to prevent future mistakes that could put documents and important company data at risk.
Can you help me improve it?
Sure, here are some recommendations:
- Use a password with a minimum of 12 alphanumeric characters in lowercase and uppercase that is unique for each account.
- Passwords should not contain personal data.
- It is best to generate it with a password manager.
- Keep your operating system and antivirus updated.
- Activate two-step verification on your accounts.
continue
Which of the following actions is the most effective to improve cybersecurity daily?
Avoid connecting to public Wi-Fi networks whenever possible, and if you do, do not open any browser to reduce the risk.
Use unique passwords for each account, enable two-factor authentication, and keep your devices and software updated regularly.
Use the same password for all your accounts, but make sure it is very long and complex, so it is easier to remember.
continue
Great! I will apply all this knowledge right away, so all the data I have access to will be much better protected.
Remember that after some time, you will need to set some new passwords with the security criteria mentioned above.
continue
Which of the following practices is safest to protect a password?
What should you do if you receive an email from an unknown source with a suspicious link?
Why is it important to keep operating systems and applications up to date?
Is it safe to use the same password across multiple websites if you have a complex password?
Context
You are going about your day when you receive a text from a social media site with a 6-digit numeric code. You have not logged in to that social media site in several weeks and never set up 2-factor authentication. You decide to open the app and see that all is well. But, you still have some concerns about what to do next.
continue
What do you do about the suspicious text?
Report it as spam or delete it
Respond in the off chance it is serious
Share the code with your friends
continue
What should you do to secure your social media account?
Set up a legitimate 2-factor authentication to ensure your account cannot be hacked
Nothing because you don't use it often anyway
Change the settings to always keep you logged in so you don't have to worry about suspicious texts
continue
What is a benefit of 2 Factor Authentication?
Context
You are working on your PC when Windows gives you an alert that you need to restart your computer. You are suspicious because you recently bought the best antivirus software on the market so you would no longer have to rely on your operating system.
continue
What action do you take?
Ignore the notification. The antivirus software will let you know if something is really wrong
Check the specifics of the Windows update - it could be for something besides security
Delete the antivirus software since it is obviously faulty
continue
Context
You are browsing a website when a chatbot pops up asking you if you need help. You have never used the feature before and decide to give it a try. You ask the question, but it responds asking for more information.
continue
What can you tell me about the current promotion where I add a new line to my phone plan?
I would be happy to tell you more, but first I need details about your account. Can you provide the credit card you used to pay your latest bill?
continue
It is not a good idea to share personal data online, especially if you cannot confirm the recipient's identity.
What have we learned?
Throughout this session, we have learned many of the most important keys to avoid cyberattacks on our accounts and devices, avoiding very common mistakes.
Keep your operating system and antivirus updated.
Use secure and unique passwords.
Activate two-step verification.
Updates fix security flaws that cybercriminals might exploit. Do not ignore them: update regularly to keep your device protected.
Add an extra layer of security to your accounts. Even if someone guesses your password, they will need a second code to access. It is easy to activate and very effective.
Avoid reusing passwords and create long keys with letters, numbers, and symbols. This way, you better protect your accounts. Use a manager to remember them without hassle.
Do not share personal information unless you are sure of the recipient's identity.
Always review the sender and links before clicking.
Before sharing any personal information, it is essential to ensure that the recipient is who they claim to be. It is important to use secure channels to share sensitive information.
Many attacks come through emails that appear legitimate. Verify the sender's address and hover over links to check if they are trustworthy.
continue
Congratulations!
From now on, you will be able to put into practice everything you have learned about cybersecurity and optimize your accounts to prevent attacks.
From: support.technical@mycompany.com To: [you@mycompany.com] Subject: 🔐 Mandatory Security Update – Action Required Before 6:00 PM Hello Álvaro, The Technical Support Department has detected a vulnerability related to the access credentials of several users. To ensure the security of your data and the corporate system, it is mandatory to apply a security update before today at 6:00 PM. Please download and run the attached file on your device: Attachment: Security_Update_TI.exe Once the update is completed, reply to this email with “UPDATED”. Thank you for your cooperation, Technical Support Department – mycompany.com support.technical@mycompany.com
Cybersecurity Simulation
Beth
Created on October 8, 2025
Start designing with a free template
Discover more than 1500 professional designs like these:
View
Feedback and Leadership Simulation
View
Product Purchase Simulation
View
Onboarding Quiz for New Employees
View
Work Style Quiz
View
The Meeting Microlearning
View
The Meeting Microlearning Mobile
View
Customer Management Simulation
Explore all templates
Transcript
Cybersecurity Simulation
Hello, I am Álvaro and I belong to the HR department.
I am an expert cybersecurity bot and I am here to help you
start
* EDIT OR DELETE THIS LOCUTION
What will we learn?
In this session, we will learn about the fundamental aspects that will help us avoid cybersecurity attacks on accounts and devices.
Keys
Use strongand unique passwords
Activate two-stepverification
Keep your operating system and antivirus
Always check the sender and links before clicking
Do not share personal datawithout being sure of the recipient
continue
Context
You are working normally when you start receiving suspicious emails and messages. Some seem to come from your bank, others from the accounts department, and one even appears to be from your company's IT department. You don't know whether to open them… So, you decide to consult the bot with some questions about a possible cybersecurity attack on your account.
continue
Bot, I just received a somewhat suspicious email. It appears to be from the technical support department, but I'm not sure if it's real or could jeopardize my account's security.
Okay, let's review it. Can you provide me with the email you received? I need to analyze it in detail.
email
📧
continue
What conclusions can we draw from this email?
After carefully analyzing the email, what do you think about its legitimacy?
The email includes several concerning signals: an executable file .exe, an urgent action request without prior confirmation through other channels, and a generic sender without a real name or signature. These elements combined are typical in malware attacks and impersonation scams.
Although the message mentions urgent an update, it is common for the technical department to send this type of instructions. The email appears well written, and there are no spelling errors, which lends it legitimacy.
The confirmation request after executing the file indicates follow-up by the sender, which suggests it is an official procedure. The tone is formal and technical, so it does not seem suspicious.
continue
Wow! It seems to be a cyberattack on my email account.
Yes, you should strengthen security to prevent future mistakes that could put documents and important company data at risk.
Can you help me improve it?
Sure, here are some recommendations:
continue
Which of the following actions is the most effective to improve cybersecurity daily?
Avoid connecting to public Wi-Fi networks whenever possible, and if you do, do not open any browser to reduce the risk.
Use unique passwords for each account, enable two-factor authentication, and keep your devices and software updated regularly.
Use the same password for all your accounts, but make sure it is very long and complex, so it is easier to remember.
continue
Great! I will apply all this knowledge right away, so all the data I have access to will be much better protected.
Remember that after some time, you will need to set some new passwords with the security criteria mentioned above.
continue
Which of the following practices is safest to protect a password?
What should you do if you receive an email from an unknown source with a suspicious link?
Why is it important to keep operating systems and applications up to date?
Is it safe to use the same password across multiple websites if you have a complex password?
Context
You are going about your day when you receive a text from a social media site with a 6-digit numeric code. You have not logged in to that social media site in several weeks and never set up 2-factor authentication. You decide to open the app and see that all is well. But, you still have some concerns about what to do next.
continue
What do you do about the suspicious text?
Report it as spam or delete it
Respond in the off chance it is serious
Share the code with your friends
continue
What should you do to secure your social media account?
Set up a legitimate 2-factor authentication to ensure your account cannot be hacked
Nothing because you don't use it often anyway
Change the settings to always keep you logged in so you don't have to worry about suspicious texts
continue
What is a benefit of 2 Factor Authentication?
Context
You are working on your PC when Windows gives you an alert that you need to restart your computer. You are suspicious because you recently bought the best antivirus software on the market so you would no longer have to rely on your operating system.
continue
What action do you take?
Ignore the notification. The antivirus software will let you know if something is really wrong
Check the specifics of the Windows update - it could be for something besides security
Delete the antivirus software since it is obviously faulty
continue
Context
You are browsing a website when a chatbot pops up asking you if you need help. You have never used the feature before and decide to give it a try. You ask the question, but it responds asking for more information.
continue
What can you tell me about the current promotion where I add a new line to my phone plan?
I would be happy to tell you more, but first I need details about your account. Can you provide the credit card you used to pay your latest bill?
continue
It is not a good idea to share personal data online, especially if you cannot confirm the recipient's identity.
What have we learned?
Throughout this session, we have learned many of the most important keys to avoid cyberattacks on our accounts and devices, avoiding very common mistakes.
Keep your operating system and antivirus updated.
Use secure and unique passwords.
Activate two-step verification.
Updates fix security flaws that cybercriminals might exploit. Do not ignore them: update regularly to keep your device protected.
Add an extra layer of security to your accounts. Even if someone guesses your password, they will need a second code to access. It is easy to activate and very effective.
Avoid reusing passwords and create long keys with letters, numbers, and symbols. This way, you better protect your accounts. Use a manager to remember them without hassle.
Do not share personal information unless you are sure of the recipient's identity.
Always review the sender and links before clicking.
Before sharing any personal information, it is essential to ensure that the recipient is who they claim to be. It is important to use secure channels to share sensitive information.
Many attacks come through emails that appear legitimate. Verify the sender's address and hover over links to check if they are trustworthy.
continue
Congratulations!
From now on, you will be able to put into practice everything you have learned about cybersecurity and optimize your accounts to prevent attacks.
From: support.technical@mycompany.com To: [you@mycompany.com] Subject: 🔐 Mandatory Security Update – Action Required Before 6:00 PM Hello Álvaro, The Technical Support Department has detected a vulnerability related to the access credentials of several users. To ensure the security of your data and the corporate system, it is mandatory to apply a security update before today at 6:00 PM. Please download and run the attached file on your device: Attachment: Security_Update_TI.exe Once the update is completed, reply to this email with “UPDATED”. Thank you for your cooperation, Technical Support Department – mycompany.com support.technical@mycompany.com