Don’t worry—you’ve just taken part in a safe training exercise designed to help you spot phishing attempts. Phishing emails try to trick you into giving out passwords, clicking unsafe links, or sharing personal information.

Why this matters:

• Phishing is one of the most common ways attackers target schools and educational organisations.

• Even one click can put sensitive information at risk.

• Awareness and careful habits are your best defence.

Next steps / Training resources:

1. Phishing 101: Learn how to recognise suspicious emails, links, and attachments.

2. Reporting: Always report suspicious emails to your IT/security team.

3. Password & Account Safety: Tips on creating strong passwords and using multi-factor authentication.

Resources:

• NCSC – Phishing Guidance

• NCSC Cyber Security Training for School Staff

• Google Phishing Quiz

• Cyber Aware – Tips for Staff

Quick Tips for Contextual Awareness:

• Does the service or product exist for you? (No Costa Coffee account = ignore that link)

• Hover over links before clicking; confirm URL matches what you expect.

• Is the request reasonable? (Banks/IT never ask for passwords over email)

• Cross-check with colleagues or IT before taking action.

Remember: Everyone can be tricked. The important thing is learning from it so it doesn’t happen again.

For any questions or concerns, contact your IT/security team.