Narrator: Cindy has been working hard all week with the finance department, working on the fiscal year planning with the finance CAO. She is feeling very overworked and reminds herself that she needs to take a break. Cindy decides to stretch and do some online shopping on her computer to relax.

Anon: Chris revealing so much information about his company is very, very good. All I need to do now is create a list of targets using INFO-GO, the organization's public directory, to contacts his co-workers, email addresses and phone numbers. I'll create a phishing email, vishing phone call, and smishing text message to try and convince the employees at the health facility to click on the link. That will take them to my very special webpage, which will try to get more information from them. All of this will form the basis of an even greater attack. Oh, I know Phish. I can't hardly contain my excitement too.

Narrator: While scrolling the Internet and shopping online, Cindy gets an email notification on her desktop. She clicks on the email and notices she has won a $50 Starbucks gift card. Cindy jumps up from her desk, excited about having no shortage of caffeine. With all this work she has piling up, she is going to need the extra coffee.

Cindy opens the URL and comes across a web page which requires her to input her company information to redeem her prize. The web page has spelling mistakes and is asking for private information that it shouldn't need. Feeling like something is off, Cindy decides to just pay for her coffee herself, not wanting to risk anything. She closes the browser and deletes the email thinking it must be spam.

Anon: I can't wait to see who falls to my phishing campaign, Phish. Oh look. Here is one now. Someone named Cindy clicked the link, but she did not give up much information. Wait a second, our friend Cindy works in the finance department. Cindy, I think it's time you and I go spear phishing together… time to plot the next step in my attack!