Security Awareness Exercise

This was a controlled phishing simulation conducted by HancoCyber for SMGPA. 

Thank you for participating — your response helps strengthen our defences.

What We Tested

1. Whether you would click a link in an unexpected email.
2. Whether you would attempt to sign in after following that link.

This information helps us focus future training and reduce risk.

Clues You Could Have Spotted

• The sender domain looked similar, but was not the official company domain.
• The message created mild urgency (“maintenance window”, “action required”).
• The sign-in page URL was not a genuine Microsoft or company address.

What To Do Next Time

• Hover links to preview where they really lead.
• Open official sites via bookmarks or by typing the address directly.