Phishing Awareness Training

🎯 Real attacks blocked — your company, last 30 days

Date	Subject used by attacker	Type	Target
May 11	Action Needed: We recommend you re-activate mailbox l…	High Confidence Phish	caspar.krampe, claas.menne
May 8	Re: Offer to Purchase V Green Solution Private Limited	Phish	claas.menne
May 8	Neue Geschäftspartner aus China in Düsseldorf treffen	Spam	info@v-greens.com
May 8	Stefan, perhaps you can help / Maximilian, perhaps you can help	Phish	stefan.lieschke, maximilian.hartma
May 7	Offer to Purchase V Green Solution Private Limited	Phish	claas.menne
May 7	Portal Access: Don't Get Locked Out	High Confidence Phish	david.smentoch
May 7	Signature Required – 2026 Employee Agreement #Ref:b…	Phish	glenn.davies, caspar.krampe, ioannis.ziogas
May 7	Full-stack web support	Phish	claas.menne
May 7	Maximilian	High Confidence Phish	maximilian.thees

Lesson 1 of 4

How attackers are targeting V-Greens specifically

In progress

The attacks blocked by Microsoft 365 Defender weren't random — they were crafted specifically to target V-Greens employees by name and company. Here are the tactics they used:

Impersonating HR with fake agreements — Subject: "Signature Required – 2026 Employee Agreement" sent to multiple employees. Designed to create panic that your contract needs signing urgently.

Using your name directly — Emails addressed to "Stefan, perhaps you can help" and "Maximilian, perhaps you can help" — attackers research employee names from LinkedIn or company websites.

Fake business acquisition emails — Subject: "Offer to Purchase V Green Solution Private Limited" — targeting management by pretending to be a serious business buyer to get a response.

Account lockout scare — Subject: "Portal Access: Don't Get Locked Out" and "Action Needed: We recommend you re-activate mailbox" — designed to make you click immediately out of fear of losing access.

Fake investment / partnership requests — Subjects referencing Düsseldorf meetings, plant grower co-creation, and jewellery investment — designed to look like legitimate business opportunities.

🎯 These are not generic spam. Attackers researched V-Greens, found employee names, and crafted emails designed specifically to fool your colleagues. Several used the exact company name "V Green Solution Private Limited."

Knowledge check

An email arrives addressed to you personally: "Stefan, perhaps you can help — we need your input urgently." What does the use of your name most likely indicate?

Lesson 2 of 4

Understanding the Microsoft quarantine notification

🔒 Locked

🔒 Complete lesson 1 to unlock

Lesson 3 of 4

How to spot these emails before they fool you

🔒 Locked

🔒 Complete lesson 2 to unlock

Based on the real emails blocked in your quarantine, here are the exact warning signs to look for. Each one was found in actual attacks against V-Greens employees.

Real example from your quarantine ↓

From: remittance@investfidelity.com

To: glenn.davies@v-greens.com

Signature Required – 2026 Employee Agreement #Ref:b…

Dear Glenn, your 2026 employment agreement requires your digital signature by end of business today. Please click the link below to review and sign your agreement. Failure to sign may affect your employment status…

🚩

Red flags: Sender domain (investfidelity.com) has nothing to do with V-Greens HR. Urgency ("end of business today"). Threat to employment. Sent to multiple employees simultaneously.

✓

Check the sender domain carefully — remittance@investfidelity.com is not a V-Greens HR address. Attackers use completely unrelated domains that sound professional.

✓

Urgency + threat combination — "Sign today or your employment may be affected" — real HR never uses threats like this over email. This is a manipulation tactic.

✓

Hover over every link before clicking — the visible link text says one thing but the real URL destination is completely different. Always hover first to preview where it actually goes.

✓

Unexpected business requests — "Offer to Purchase V Green Solution" — if you receive a major business proposal by email from an unknown party, verify through official channels before responding.

✓

Account re-activation requests — "Action Needed: re-activate mailbox" — IT never asks you to reactivate accounts via email links. This is a credential harvesting attempt.

🔑 One simple rule: IT Security and HR will never ask for your password, credentials, or urgent signature via an email link. When in doubt — don't click. Call IT Security directly.

Knowledge check

You receive an email from brookes@gologoproducts.com saying "Maximilian, perhaps you can help" asking you to review an attached contract. What are the two biggest red flags?

Lesson 4 of 4

What to do — and what NOT to do

🔒 Locked

🔒 Complete lesson 3 to unlock

✓

Training complete!

You've completed the V-Greens Phishing Awareness Training with a perfect score. Submit your details below so IT Security receives confirmation of your completion.

4/4

Quiz score

100%

Pass rate

—

Time taken

Send your completion record to IT Security

Your name and email will be sent to hussain.bangash@v-greens.com

Full name

Work email address

✅ Notification sent to IT Security!
Your completion has been recorded. You may close this page.