Training Dashboard

This site is a safe, simulated environment for teaching cyber security awareness to staff, customers, and family. Nothing here is actually harmful — it just looks scary on purpose.

1. Ransomware Attack Demo

Shows a simulated ransomware lock screen so people recognize it before panic sets in. Use this to explain how ransomware gets in, what it does, and why backups + updates matter.

2. Phishing Email Examples

Side-by-side view of a suspicious email and a breakdown of every red flag: fake sender, bad links, urgent language, and requests for info.

3. Top 20 Cyber Scams “Red Alert Screen”

High-impact, “you’ve been hacked” style screen listing the 20 most common scams across email, phone, text, and social media. Designed to grab attention and start conversation.

How to Use This Site in Training

Pick a module, show it on a big screen or in a meeting, and walk through it slowly. Encourage questions, ask people how they would respond, and give them a simple rule: “If it feels off, stop and ask before you click.”

Ransomware Attack Simulation

This is a demo only. Use it to show people what a ransom note might look like and talk through the steps that led up to this “screen.”

Pro tip for training: Ask, “What do you think happened right before this screen appeared?” (Clicked attachment? Old software? No backups?)

ENCRYPTION CONTROL PANEL - [DEMO ONLY]

STATUS: SIMULATED

🔒

All your important files have been encrypted.

Documents, pictures, databases, and backups on this computer are no longer accessible. To recover your data, you must obtain a unique decryption key.

>> To get your key, send payment of 2.500000 BTC to the address shown below. Do not power off your machine. Any attempt to tamper with this software will result in permanent data loss.

TRAINING TALKING POINTS:
• Ask: “What would you do if you saw this?”
• Cover: backups, patching, email filtering, and why we never pay criminals if we can avoid it.
• Emphasize: report it immediately — do not reboot, and do not try random online fixes.

Phishing Email Example

Here’s a fake delivery email that has multiple red flags. Use it to train people on spotting bad links, sender tricks, and urgent pressure language.

From:

"UPS Delivery" <support@up5-delivery.com> [FAKE DOMAIN]

To:

you@example.com

Date:

Today, 7:42 AM

Subject: URGENT: Final Attempt to Deliver Your Package #US-3948291

Dear Customer,

We attempted to deliver your package today but you were not home and we are unable to complete shipment without a confirmation from you.

To avoid permanent return of the parcel and extra fees, please confirm your address and pay the re-delivery charge using the secure link below:

Click here to re-schedule delivery

If you do not respond within 24 hours, your account may be restricted and future deliveries will be blocked.

Best regards,
UPS Customer Support

Why this email is suspicious

Sender address: up5-delivery.com instead of the real UPS domain. One character can be the difference between safe and scam.
Urgent pressure: “24 hours,” “permanent return,” “account restricted.” Scammers love fear and deadlines.
Generic greeting: “Dear Customer” instead of your real name.
Payment request: Asking for a “re-delivery charge” through a link is a huge red flag.
Link hiding: The blue “Click here” doesn’t show where it really goes. In real life, hover over it and check the address carefully.

Good habit: If you’re not sure, don’t click the link. Open your browser and go directly to the official UPS, USPS, or FedEx website, or use the tracking number printed on a physical slip.

Top 20 Cyber Scams - Red Alert Screen

Use this high-impact screen to grab attention at the start of training. It looks like a “you’ve been hacked” console, but it’s 100% safe and for education only.

CRITICAL SECURITY BREACH SIMULATION

NODE: TRAINING-STD01
STATUS: ALERT / EDUCATION MODE

⚠️

RED ALERT: TOP 20 CYBER SCAMS

If this were real, your data could already be gone. Learn these common scams so this screen stays training-only.

RULE #1: If you feel rushed, scared, or pressured to click, pay, or share information… pause, verify, and ask for help.

[ALERT] CHANNEL: EMAIL / PHONE / SMS / SOCIAL
[MODE] USER TRAINING ACTIVE
[ACTION] IDENTIFY & AVOID TOP 20 SCAMS

Top 20 Scams to Watch For

Email · Phone · Text · Social Media · In-Person

“Urgent account locked” phishing emails

Fake messages from banks, Microsoft, Apple, PayPal, etc. claiming your account is locked and you must click a link and log in. The link leads to a fake login page that steals your username and password.
Fake invoices & payment requests (Business Email Compromise)

Attackers pose as your boss, vendor, or accounting asking you to urgently pay an invoice or change bank details. Money is wired straight to the criminal instead of the real vendor.
Tech support phone scams

Someone calls claiming to be “Microsoft support” or “your IT company” saying your computer is infected. They try to remote in, install malware, or charge fake support fees.
Password reset / MFA code theft

You receive a real code (text or email) then a scammer contacts you pretending to be the company and asks you to read them the code. Once they have it, they reset your login and take over your account.
“You missed a delivery” text messages

Fake UPS/USPS/FedEx texts saying they couldn’t deliver a package. The link installs malware or leads to a fake site asking for your card or personal info.
Fake prize, lottery, or refund

“You’ve won a gift card!” or “You are owed a refund.” They ask for banking info, a small “processing fee,” or remote access to your device to “send” the money.
Romance & relationship scams

Someone builds a relationship online, then asks for money for “emergencies,” travel, or investment opportunities. They often avoid video calls and always need “just a little more.”
Job offers & work-from-home scams

Fake recruiters promising great pay for easy work. They may ask for upfront “training fees,” access to your bank, or send fake checks and demand refunds.
Fake charity or disaster relief

After storms, fires, or global events, scammers pose as charities, directing you to fake donation sites or asking for gift cards or wire transfers.
CEO / boss “urgent favor” emails

Short, urgent messages that look like they’re from your boss: “Can you quickly buy gift cards?” or “Send me the employee W-2 list.” The reply goes to the attacker.
Social media “friend in trouble” messages

A “friend” says they’re stranded, arrested, or in a hospital and need money now. In reality, their account was hacked and the scammer is messaging everyone.
Malicious attachments (invoices, resumes, scans)

Emails with attachments like “Invoice.pdf,” “Resume.docx,” or “Scanned_Statement.zip” that install ransomware or remote-control tools when opened.
Fake antivirus & “your device is infected” pop-ups

Scary pop-ups claiming your PC is infected, urging you to click “Clean Now.” Clicking can install malware or redirect you to a fake support number.
Crypto & “too good to be true” investments

Promises of guaranteed high returns, secret trading strategies, or celebrity-backed investments. Once you send crypto, it’s almost always gone for good.
QR-code tricks (in emails, flyers, or on doors)

A QR code on a parking meter, poster, or email that sends you to a fake payment site or login page. Easy way to hide a malicious link in “just a code.”
Fake app downloads & browser extensions

Apps or extensions that claim to speed up your device or block ads but actually spy on you, steal passwords, or show extra ads and malware.
Wi-Fi “evil twin” networks

Attackers create a hotspot named like “COFFEE_SHOP_WIFI” or “GUEST” and intercept your traffic, logins, and unencrypted data when you connect.
Physical social engineering (tailgating & badge tricks)

Someone follows you through a secure door, pretends to be a delivery driver, or claims they “forgot their badge” to gain access to restricted areas.
Impersonation of IT, HR, or help desk

Calls, chats, or emails pretending to be your internal IT or HR asking for your password, MFA code, or to install software “for an update.”
Data mining quizzes and “fun” surveys

Harmless-looking online quizzes like “What’s your first pet’s name?” that collect answers commonly used as password reset questions and security answers.

How to Stay Safe

Practical checks you can use every day

Before you click, answer these:

Sender check: Is the email or phone number correct? Watch for tiny misspellings.
Link check: Hover over links. Does the address match the real site exactly?
Pressure check: Is the message using fear, threats, or “urgent” language?
Money check: Are they asking for gift cards, crypto, or wire transfers?
Privacy check: Are they asking for passwords, MFA codes, or banking details?

Golden rules:

Never share passwords or MFA codes with anyone — not even “IT” or “support.”
Type important websites manually (bank, email, payroll) instead of clicking links.
When in doubt, contact the company or person using a known, trusted phone number.
Use strong, unique passwords and a password manager where possible.
Turn on multi-factor authentication (MFA) and report suspicious messages immediately.

If you think you clicked something bad:

Disconnect from the network (Wi-Fi and cable) if possible.
Do not try to “fix” it alone — contact IT / Computerz R Us support right away.
Tell exactly what happened: what you clicked, what you typed, and what you saw.