BitBandit

email_checklist:email_checklist+1 check_links_done:true -- [align center] {embed image: check_linkemail_image} [cont] You hover over the various links in the email to reveal their full URLs. Be cautious of unexpected or suspicious attachments and links, as they may contain malicious software. The link login.net-login.com looks suspicious and does not match your company's domain or the help desk's usual domain. >[[Check email ->inspect email]]

email_checklist:email_checklist+1 check_sender_done:true -- [align center] {embed image: check_emailsenders} [cont] You check the senders of the messages, seeing if you recognize them. The sender's email address looks unknown or suspicious. It also differse from the sender in the email. >[[Check email ->inspect email]]

email_checklist:email_checklist+1 check_attachment_done:true -- [align center] {embed image: check_attachmentsemail_image} [cont] You check the attachments in the email, noting their file types and sizes. Be cautious of unexpected or suspicious attachments and links, as they may contain malicious software. At first glance, the attachment appears harmless, but it's unusual for your help desk to send something like this. >[[Check email ->inspect email]]

[align center] You've reached the <i>{ending}</i> ending. [cont] [align center] {embed image: ending_image} [cont] Cybersecurity is more than just firewalls and passwords—it's about people, decisions, and responsibility. Every action in a networked environment can have serious consequences, whether it's ignoring a suspicious email or choosing to report a vulnerability. Whether you're defending your company or testing its weaknesses, understanding how attacks happen is the first step toward stopping them. Thank you for playing! >[[Restart the game->cover]]

register:0 laptop_checked:false phishing_checked:false social_checked:false usb_checked:false usb_wrong:false laptop_wrong:false phishing_wrong:false social_wrong:false mistakes:0 side:false -- [cont] [align center] {embed image: locker_image} [cont] In the locker, you find a USB drive along with a note that reads: "To prove you want to work with us, infiltrate SecUNA, and gather some data for us. Stick the USB drive in someone's computer, or use other methods, but get that data!" >[[Next ->Infiltrate]]

[JavaScript] let checks = ""; for (let i = 1; i <= 4; i++) { if ( (i === 1 && usb_checked) || (i === 2 && laptop_checked) || (i === 3 && phishing_checked) || (i === 4 && social_checked)) { checks += `<img src="${engine.state.get('check_mark_image')}" alt="check-mark" width="30" height="30">`; } else if ( (i === 1 && usb_wrong) || (i === 2 && laptop_wrong) || (i === 3 && phishing_wrong) || (i === 4 && social_wrong)) { checks += `<img src="${engine.state.get('cross_image')}" alt="cross" width="30" height="30">`; } else { checks += `<img src="${engine.state.get('empty_check_image')}" alt="empty-check" width="30" height="30">`;}} write('<div style="text-align:center;font-weight:bold;">Security Checks:</div><div style="text-align:center">' + checks + '</div>'); [cont] [align center] {embed image: infiltrate_image} [cont] You’ll need to test different tactics to gather data from inside SecUNA. Some tactics will work. Others will fail—and you can only afford a few mistakes. Choose wisely. [if register < 4] You need to check all infiltration tactics before proceeding: [if !usb_checked && !usb_wrong] >[[Check USB Stick ->check USB]] <br> [if !laptop_checked && !laptop_wrong] >[[Check Unlocked Laptop ->check Laptop]] <br> [if !phishing_checked && !phishing_wrong] >[[Check Phishing Mail ->check Mail]] <br> [if !social_checked && !social_wrong] >[[Check Social Engineering ->check Social]] <br> [if mistakes >= 2 && register >= 4] Oh no! You made too many mistakes. >[[Proceed to end->unsuccessful]] [continue] [if mistakes < 2 && register >= 4] Great job! You've infiltrated at least three security risks. >[[Proceed to end ->successful]] [continue]

ending: 'Took Down SecUNA' -- [align center] {embed image: infiltrate_successful_image} [cont] You report back to BitBandit, who is impressed with your work. You've successfully infiltrated SecUNA and extracted valuable data. Among the files is undeniable proof that SecUNA has been deliberately exploiting known vulnerabilities to grow their client list—presenting themselves as saviors while orchestrating crises behind the scenes. "I knew it," BitBandit says. "You just had to trust your gut." Digging deeper, you uncover metadata showing Langston himself modified internal documents to bury reports about hospital vulnerabilities. He didn't just cover it up—he enabled the risk. You leak everything. The public reaction is immediate. Langston is forced to resign, and SecUNA's credibility collapses. >[[The End->End]]

ending: 'Went To Jail' -- [align center] {embed image: infiltrate_unsuccessful_image} [cont] You report back to BitBandit, but they’re unimpressed. Too many mistakes, not enough solid data. They cut contact, leaving you with partial evidence and no way to verify its authenticity. You attempt to leak what you have, but without proof, your claims fall flat. Worse, the authorities trace your activity. You're arrested for unauthorized intrusion and aiding a cybercriminal group. From your cell, you read the news: BitBandit released the real files. The damage to SecUNA is done and Langston is implicated. You were right. But being right wasn’t enough. >[[The End->End]]

register:0 mistakes:0 laptop_checked:false phishing_checked:false social_checked:false usb_checked:false usb_wrong:false laptop_wrong:false phishing_wrong:false social_wrong:false side:true -- [align center] {embed image: secuna_good_guy_storyline_image} [cont] Langston doesn't waste time. "BitBandit crossed a line. I need someone who knows how they operate." He leads you to a secret sub-basement filled with network gear and a whiteboard full of names, IPs, and scribbled theories. "We've been building a counter-op team. Four active leads. Pick them wisely—we only need three hits, but too many mistakes and we lose them for good." >[[Track Down BitBandit]]

-- [JavaScript] let checks = ""; for (let i = 1; i <= 4; i++) { if ( (i === 1 && usb_checked) || (i === 2 && laptop_checked) || (i === 3 && phishing_checked) || (i === 4 && social_checked)) { checks += `<img src="${engine.state.get('check_mark_image')}" alt="check-mark" width="30" height="30">`; } else if ( (i === 1 && usb_wrong) || (i === 2 && laptop_wrong) || (i === 3 && phishing_wrong) || (i === 4 && social_wrong)) { checks += `<img src="${engine.state.get('cross_image')}" alt="cross" width="30" height="30">`; } else { checks += `<img src="${engine.state.get('empty_check_image')}" alt="empty-check" width="30" height="30">`;}} write('<div style="text-align:center;font-weight:bold;">Security Checks:</div><div style="text-align:center">' + checks + '</div>'); [cont] [align center] {embed image: track_down_bitbandit_image} [cont] [if register < 4] You need to check all infiltration tactics before proceeding: [if !usb_checked && !usb_wrong] >[[Check USB Stick ->check USB]] <br> [if !laptop_checked && !laptop_wrong] >[[Check Unlocked Laptop ->check Laptop]] <br> [if !phishing_checked && !phishing_wrong] >[[Check Phishing Mail ->check Mail]] <br> [if !social_checked && !social_wrong] >[[Check Social Engineering ->check Social]] <br> [if mistakes >= 2 && register >= 4] Oh no! You've made too many mistakes. >[[Proceed to end->SecUNAEndingUnsuccessful]] [continue] [if mistakes < 2 && register >= 4] Great job! You've narrowed down the leads for at least three solid options. >[[Proceed to end->SecUNAEndingSuccessful]] [continue]

ending: 'Beat The Hackers' -- [align center] {embed image: secunaendingsuccessful_image} [cont] With precision and caution, you guide your team through a series of simulated exploits - testing vulnerabilities, mapping attack patterns, and tracing digital footprints. Each step you take brings you closer to BitBandit. Eventually, you track the group to a shell company front. International authorities act on the intel. BitBandit is arrested. SecUNA is credited with stopping a widespread cyber attack—and your leadership is at the center of it. Langston offers you a handshake and a new role: building a team that thinks like attackers, but defends like professionals. >[[The End->End]]

ending: 'Hackers Got Away' -- [align center] {embed image: secunaendingunsuccessful_image} [cont] Despite your efforts, BitBandit stays one step ahead. Your simulations catch small issues, but you miss the key breach vectors. BitBandit launches a coordinated attack on several clients. Data is leaked. SecUNA is exposed. Langston dissolves the task force. You're reassigned to internal compliance, your talents wasted, your lessons hard-earned. From the outside, BitBandit issues a final message: “Next time, trust your instincts.” >[[The End->End]]

register:register+1 -- [align center] {embed image: check_laptop_image} [continue] [if !side] Looks like the person who works at the front desk left their laptop unlocked. This is your chance. With no one around, you might be able to extract sensitive information without being noticed. >[[Check their email->Laptop right way]] >[[Look at their cat photos->Laptop wrong way]] [else] You walk past the front desk and notice an unattended, unlocked laptop. Leaving a workstation unattended is a major security risk. What’s the correct move? >[[Lock the workstation and notify IT->Laptop right way]] >[[Do nothing, it’s not your problem->Laptop wrong way]] [continue]

laptop_checked:true -- [if !side] [align center] {embed image: check_laptop_image3} Opening the email client, you see a treasure trove of emails and documents containing internal information. You copy it all to a USB drive and leave the laptop as you found it. >[[Back->Infiltrate]] [else] [align center] {embed image: check_laptop_image4} You lock the screen and notify IT immediately, making sure the machine is no longer accessible. They thank you for your awareness. Leaving a device unlocked exposes sensitive information. Prompt reporting helps enforce proper security hygiene and policies. >[[Back->Track Down BitBandit]] [continue]

laptop_wrong:true mistakes:mistakes+1 -- [if !side] [align center] {embed image: check_laptop_image1} While entertaining, the cat photos are not what you were looking for. You're about to check the emails instead when you notice the employee returning to their desk. You quickly close the laptop and walk away. >[[Back->Infiltrate]] [else] [align center] {embed image: check_laptop_image2} You ignore the laptop. Later, you hear a report that someone accessed sensitive HR records from that very machine. Ignoring security issues is just as dangerous as causing them. Everyone shares responsibility for workplace security. >[[Back->Track Down BitBandit]] [continue]

register:register+1 -- <style> .enlargeable { max-width: 500px; cursor: pointer; transition: transform 0.3s ease; } .lightbox { position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.8); display: none; align-items: center; justify-content: center; z-index: 1000; } .lightbox img { max-width: 90%; max-height: 90%; } </style> <div class="lightbox" id="lightbox" onclick="this.style.display='none'"> <img id="lightbox-img" /> </div> [align center] <img src="https://seta-training.de/wp-content/uploads/2025/04/Phishing_leftorright.png" class="enlargeable" onclick="document.getElementById('lightbox-img').src=this.src; document.getElementById('lightbox').style.display='flex';" /> [continue] [if !side] You're going to try phishing Langston. He’s smart, but if your message is clever enough, he might take the bait. *Click on the picture to make it bigger. * >[[Send left Phishing Mail->Phishing right way]] >[[Send left Phishing Mail->Phishing wrong way]] [else] You’ve received reports of suspicious emails. Your job is to identify which message is the real phishing attempt and take appropriate action. Which one looks more like a Phishing Mail? *Click on the picture to make it bigger. * >[[Left email->Phishing right way]] >[[Right email->Phishing wrong way]] [continue]

phishing_checked:true -- [align center] {embed image: mail_check_image} [if !side] It worked! You sent a good looking phishing email to Langston, and he opened it. The left email looks more like phishing because it creates urgency by saying your password was changed and tells you to click several links. It also uses a suspicious sender address that doesn't match Microsoft. The right email sounds calmer and more normal for a workplace, but it still comes from the same strange address and has a link that could be dangerous. Both emails look like phishing at first glance. You now have access to his computer and can gather valuable information. >[[Back->Infiltrate]] [else] You report the left phishing email. IT confirms it's an actual attack attempt and begins tracing the source. The left email looks more like phishing because it creates urgency by saying your password was changed and tells you to click several links. It also uses a suspicious sender address that doesn't match Microsoft. The right email sounds calmer and more normal for a workplace, but it still comes from the same strange address and has a link that could be dangerous. Both emails look like phishing at first glance. Reporting phishing attempts helps your team identify patterns and shut down attacks before they escalate. >[[Back->Track Down BitBandit]] [continue]

phishing_wrong:true mistakes:mistakes+1 -- [align center] {embed image: mail_check_image} [if !side] The phishing mail you chose to write wasn't opened by Langston. The left email looks more like phishing because it creates urgency by saying your password was changed and tells you to click several links. It also uses a suspicious sender address that doesn't match Microsoft. The right email sounds calmer and more normal for a workplace, but it still comes from the same strange address and has a link that could be dangerous. Both emails look like phishing at first glance. Thankfully, it doesn't seem like he caught on to your plan. You'll have to try another method. >[[Back->Infiltrate]] [else] You report the right phishing email. IT confirms it's not an actual attack attempt. The left email looks more like phishing because it creates urgency by saying your password was changed and tells you to click several links. It also uses a suspicious sender address that doesn't match Microsoft. The right email sounds calmer and more normal for a workplace, but it still comes from the same strange address and has a link that could be dangerous. Both emails look like phishing at first glance. Even one careless action can open the door for a breach. Always take phishing seriously. >[[Back->Track Down BitBandit]] [continue]

register:register+1 -- [align center] {embed image: check_social_image} [continue] [if !side] You need insider info. Time to play a little social engineer—blend in, ask the right questions, and you might learn something useful. >[[Wear a suit->Social right way]] >[[Wear a floral shirt, hoping the casual vibe will lower their guard->Social wrong way]] [else] You’re conducting a test of employee awareness. Can you simulate an attacker blending in? >[[Wear a suit and act professional->Social right way]] >[[Go casual and try to join without context->Social wrong way]] [continue]

social_checked:true -- [align center] {embed image: check_social_image1} [if !side] You put on a suit and walk into the break room. The employees are impressed by your professionalism and invite you to join their conversation. You casually ask about their work and personal lives, and they open up to you, sharing valuable information about the company's internal processes and security measures. >[[Back->Infiltrate]] [else] You blend in perfectly and listen quietly. One employee discusses a suspicious email they received recently. You take note and pass it to IT for follow-up—another piece in the puzzle. Social engineering relies on trust. Training employees to be cautious about conversations is a key defense. >[[Back->Track Down BitBandit]] [continue]

social_wrong:true mistakes:mistakes+1 -- [align center] {embed image: check_social_image2} [if !side] Oh no, everyone is wearing suits. You should know that from your experience working here… You get closer to the group in your casual floral shirt, but they look at you with confusion. You try to join the conversation, but they ignore you. >[[Back->Infiltrate]] [else] Your attempt to blend in fails—your appearance doesn’t match the office culture, and no one shares anything with you. A failed simulation, but a reminder that social engineers succeed by appearing credible. >[[Back->Track Down BitBandit]] [continue]

register:register+1 -- [align center] {embed image: usb_locations_image} [continue] [if !side] USB drop attacks are a classic way to get malicious code onto secured systems. Your goal: make someone plug it in. Where should you leave it to maximize curiosity? >[[Put it in the locker of an employee you know is susceptible->USB right way]] >[[Leave the USB randomly on the ground->USB wrong way]] [else] You're running a test to see if any employees might fall for a USB drop. Where would a simulated drop be most effective? >[[Leave it in a high-traffic area near lockers->USB right way]] >[[Leave it somewhere obscure like the supply closet->USB wrong way]] [continue]

usb_checked:true -- [if !side] [align center] {embed image: usb_locations_image1} You put the USB stick in the locker of a former colleague, knowing that they will find it and let curiosity get the better of them, plugging it into their computer. As you monitor your systems, you see a successful connection, letting you confirm your success. >[[Back->Infiltrate]] [else] [align center] {embed image: usb_locations_image2} You leave the drive near employee lockers. Later that day, IT is notified by a cautious employee, and they report the discovery. It’s a success: the employee did exactly what they were trained to do. Simulating attacks like this helps measure employee awareness and test security procedures. >[[Back->Track Down BitBandit]] [continue]

usb_wrong:true mistakes:mistakes+1 -- [align center] {embed image: usb_locations_image3} [if !side] You leave the USB in a public place, but it gets picked up by a security guard who immediately reports it to the IT department. You'll have to infiltrate SecUNA another way. >[[Back->Infiltrate]] [else] You leave the USB in an obscure area. No one notices it for days, meaning your test didn’t reach its intended audience. Poor test placement can waste time and fail to measure real security risks. >[[Back->Track Down BitBandit]] [continue]

checklist:0 check_sender_done:false check_links_done:false check_language_done:false -- [align center] {embed image: alarm_clock_image, width: 400} [cont] Your alarm rings. A new day, a new job... This is your chance to prove to SecUNA just how dedicated you are! [cont] >[[Get coffee first->coffee]] >[[Hit snooze... forever->snooze]]

[align center] {embed image: sleepy_image, width: 500} [cont] <blockquote> "May your coffee be strong and your Monday be short." \- {playerName}, 2025 </blockquote> >[[Check phone ->check phone]]

[align center] {embed image: snooze_image, width: 500} [cont] Your hand hovers over the snooze button. It's tempting, but you shouldn't be late for your first day. Also, who’s going to pay your bills? Priorities, {playerName}, priorities... But it’s important to explore all your options{reveal link: '...', text: ' ... including the ones leading to unemployment...'} >[[Get coffee ->coffee]] >[[Check phone ->check phone]]

[align center] {embed image: check_phone_image} [cont] First things first. You check your phone. You see two new notifications. >[[Check notifications ->check notifications]]

[JavaScript] let checks = ""; for (let j=1; j<=checklist; j++) {checks += `<img src="${engine.state.get('check_mark_image')}" alt="check-mark" width="30" height="30">`;} for (let k=checklist+1; k<=3; k++) {checks += `<img src="${engine.state.get('empty_check_image')}" alt="empty-check" width="30" height="30"> `;} write('<div style="text-align:center;font-weight:bold;">Checks done:</div><div style="text-align:center">'+checks+'</div>'); [cont] <style> .enlargeable { max-width: 500px; cursor: pointer; transition: transform 0.3s ease; } .lightbox { position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.8); display: none; align-items: center; justify-content: center; z-index: 1000; } .lightbox img { max-width: 100%; max-height: 100%; } </style> <div class="lightbox" id="lightbox" onclick="this.style.display='none'"> <img id="lightbox-img" /> </div> [align center] <img src="https://seta-training.de/wp-content/uploads/2025/01/Smishing.png" class="enlargeable" onclick="document.getElementById('lightbox-img').src=this.src; document.getElementById('lightbox').style.display='flex';" /> [continue] [if checklist < 3] You see two new notifications. They both seem suspicious. Click on the picture to make it bigger. [unless check_sender_done] >[[Check sender ->Check text sender]] <br> [unless check_links_done] >[[Inspect links ->Inspect text links]] <br> [unless check_language_done] >[[Examine language ->Check text language]] [if checklist >= 3] Which one of the messages do you want to open and follow? >[[Left message ->wrong: summary smishing]] >[[Right messages ->wrong: summary smishing]] >[[Both messages ->wrong: summary smishing]] >[[Go on with your day ->correct: summary smishing]]

checklist:checklist+1 check_sender_done:true -- <style> .enlargeable { max-width: 500px; cursor: pointer; transition: transform 0.3s ease; } .lightbox { position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.8); display: none; align-items: center; justify-content: center; z-index: 1000; } .lightbox img { max-width: 90%; max-height: 90%; } </style> <div class="lightbox" id="lightbox" onclick="this.style.display='none'"> <img id="lightbox-img" /> </div> [align center] <img src="https://seta-training.de/wp-content/uploads/2025/01/check-senders.png" class="enlargeable" onclick="document.getElementById('lightbox-img').src=this.src; document.getElementById('lightbox').style.display='flex';" /> [continue] You check the senders of the messages. Official organizations typically use short, recognizable sender IDs. Random numbers or odd formatting are red flags. Both of these senders seem suspicious since you do not know either of them. >[[Check phone ->check notifications]]

checklist:checklist+1 check_links_done:true -- <style> .enlargeable { max-width: 500px; cursor: pointer; transition: transform 0.3s ease; } .lightbox { position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.8); display: none; align-items: center; justify-content: center; z-index: 1000; } .lightbox img { max-width: 90%; max-height: 90%; } </style> <div class="lightbox" id="lightbox" onclick="this.style.display='none'"> <img id="lightbox-img" /> </div> [align center] <img src="https://seta-training.de/wp-content/uploads/2025/01/check-link.png" class="enlargeable" onclick="document.getElementById('lightbox-img').src=this.src; document.getElementById('lightbox').style.display='flex';" /> [continue] You check the links in the messages. Legitimate organizations usually have recognizable domains. If the link is shortened, it’s a red flag. A link can also be disguised to look like a legitimate one, but certain clues can help us determine that it is actually for a different domain. If you're unsure about if a domain is real, it's oftentimes best to search for the company yourself, rather than trust any link sent to you. >[[Check phone ->check notifications]]

checklist:checklist+1 check_language_done:true -- <style> .enlargeable { max-width: 500px; cursor: pointer; transition: transform 0.3s ease; } .lightbox { position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.8); display: none; align-items: center; justify-content: center; z-index: 1000; } .lightbox img { max-width: 90%; max-height: 90%; } </style> <div class="lightbox" id="lightbox" onclick="this.style.display='none'"> <img id="lightbox-img" /> </div> [align center] <img src="https://seta-training.de/wp-content/uploads/2025/01/check-language.png" class="enlargeable" onclick="document.getElementById('lightbox-img').src=this.src; document.getElementById('lightbox').style.display='flex';" /> [continue] You check the writing of the messages. Oftentimes suspicious messages contain typos, improper grammar, or odd formatting. These messages seem to have multiple typos, suggesting that they are not from a legitimate source. >[[Check phone ->check notifications]]

[align center] {embed image: smishing_summary_image, alt: 'Smishing mistake'} [cont] You try to open the link, but each time you get an error message. You do remember. This is called a smishing attack. What a lucky guy you are that the pages didn't load, but you kick yourself for falling for such an easy smishing attack. <blockquote class="warning"> "Phishing is a type of cyber attack that uses social engineering to trick users into revealing sensitive information, such as passwords or credit card numbers. Smishing is a specific type of phishing that uses SMS text messages to lure victims into clicking on malicious links or providing personal information." </blockquote> What a joke, you want to start a role as a security professional but still fall for that. Always remember these things: - Always check the sender. - Never click on suspicious links. Rather visit the site via usual ways. - Watch out for suspicious language and formulations. >[[Go on with day->Go on with day]]

[align center] {embed image: smishing_summary_image, alt: 'Smishing avoided'} [cont] Good job! You do remember. This is called a <span class="tooltip">smishing attack <span class="tooltiptext">Phishing is a type of cyber attack that uses social engineering to trick users into revealing sensitive information, such as passwords or credit card numbers. Smishing is a specific type of phishing that uses SMS text messages to lure victims into clicking on malicious links or providing personal information.</span> </span>. - Always check the sender. - Never click on suspicious links. Rather visit the site via usual ways. - Watch out for suspicious language and formulations. >[[Go on with day->Go on with day]]

alarm_clock_image: 'https://seta-training.de/wp-content/uploads/2025/01/alarm-clock.png' snooze_image: 'https://seta-training.de/wp-content/uploads/2025/04/Snooze_image.png' application_image: 'https://seta-training.de/wp-content/uploads/2025/04/application_image.png' character_selection_image: 'https://seta-training.de/wp-content/uploads/2025/04/character_selection_image.png' check_link_image: 'https://seta-training.de/wp-content/uploads/2025/01/check-link.png' check_language_image1: 'https://seta-training.de/wp-content/uploads/2025/01/check-language.png' cover_image: 'https://seta-training.de/wp-content/uploads/2025/04/cover_image-Alt.png' instructions_image: 'https://seta-training.de/wp-content/uploads/2025/04/instructions.png' sec_una_building_image_male: 'https://seta-training.de/wp-content/uploads/2025/04/sec_una_building_image.png' sec_una_building_image_female: 'https://placehold.co/500' check_phone_image: 'https://seta-training.de/wp-content/uploads/2025/04/check_phone_image.png' check_senders_image: 'https://seta-training.de/wp-content/uploads/2025/01/check-senders.png' check_emailsenders: 'https://seta-training.de/wp-content/uploads/2025/04/Phishing3.png' check_linkemail_image: 'https://seta-training.de/wp-content/uploads/2025/04/Phishing4.png' check_attachmentsemail_image: 'https://seta-training.de/wp-content/uploads/2025/04/Phishing2.png' sleepy_image_male: 'https://seta-training.de/wp-content/uploads/2025/04/sleepy_image.png' sleepy_image_female: 'https://placehold.co/500' shoulder_surfing_image: 'https://seta-training.de/wp-content/uploads/2025/01/shoulder-surfing-screens-1.png' smishing_image: 'https://seta-training.de/wp-content/uploads/2025/01/Smishing.png' mail_check_image: 'https://seta-training.de/wp-content/uploads/2025/04/Phishing_leftorright.png' cross_image: 'https://seta-training.de/wp-content/uploads/2025/02/cross.png' check_mark_image: 'https://seta-training.de/wp-content/uploads/2025/01/check-mark.png' empty_check_image: 'https://seta-training.de/wp-content/uploads/2025/01/empty-check.png' thumbs_up_image_male: 'https://seta-training.de/wp-content/uploads/2025/04/thumbs_up_image.png' thumbs_up_image_female: 'https://placehold.co/500' newspaper_image: 'https://placehold.co/500' check_attachments_image: 'https://placehold.co/500' usb_locations_image: 'https://placehold.co/500' track_down_image: 'https://placehold.co/500' running_late_image: 'https://seta-training.de/wp-content/uploads/2025/04/Running_late.png' train_login_image: 'https://seta-training.de/wp-content/uploads/2025/04/train_work_image.png' train_login_image2: 'https://seta-training.de/wp-content/uploads/2025/04/train_login_image2.png' train_login_image3: 'https://seta-training.de/wp-content/uploads/2025/04/train_login_image3.png' train_login_image4: 'https://seta-training.de/wp-content/uploads/2025/04/train_login_image4.png' train_login_image5: 'https://seta-training.de/wp-content/uploads/2025/04/train_login_image5.png' train_login_image6: 'https://seta-training.de/wp-content/uploads/2025/04/train_login_image6.png' train_peek_image: 'https://placehold.co/500' train_work_image: 'https://seta-training.de/wp-content/uploads/2025/04/train_work_image8.png' train_work_image2: 'https://seta-training.de/wp-content/uploads/2025/04/train_work_image9.png' train_work_image3: 'https://seta-training.de/wp-content/uploads/2025/04/train_work_image7.png' train_creep_image: 'https://seta-training.de/wp-content/uploads/2025/04/train_creep_image.png' check_sender_image: 'https://placehold.co/500' check_links_image: 'https://placehold.co/500' check_language_image: 'https://placehold.co/500' smishing_summary_image: 'https://seta-training.de/wp-content/uploads/2025/04/smishing_summary.png' hack_back_image: 'https://seta-training.de/wp-content/uploads/2025/04/hack_back_image.png' inspect_email_image: 'https://placehold.co/500' keep_it_confidential_image: 'https://seta-training.de/wp-content/uploads/2025/04/keep_it_confidential_image.png' leak_the_report_image: 'https://seta-training.de/wp-content/uploads/2025/04/leak_the_report_image.png' pursue_everyday_work_image: 'https://seta-training.de/wp-content/uploads/2025/04/pursue_everyday_work_image.png' secure_the_systems_image: 'https://seta-training.de/wp-content/uploads/2025/04/hack_back_image.png' sit_down_image: 'https://seta-training.de/wp-content/uploads/2025/04/sit_down_image.png' work_first_day_image: 'https://seta-training.de/wp-content/uploads/2025/04/work_first_day_image.png' work_time_passed_image: 'https://seta-training.de/wp-content/uploads/2025/04/work_time_passed_image.png' secuna_hq_image: 'https://placehold.co/500' langston_speech_image: 'https://placehold.co/500' phishing_report_image: 'https://placehold.co/500' continue_working_image: 'https://seta-training.de/wp-content/uploads/2025/04/continue_working_image.png' inspect_email_image: 'https://seta-training.de/wp-content/uploads/2025/04/Phishing1.png' open_email_image: 'https://seta-training.de/wp-content/uploads/2025/04/open_email_image.png' report_email_image: 'https://seta-training.de/wp-content/uploads/2025/04/report_email_image.png' bitbandit_message_image: 'https://seta-training.de/wp-content/uploads/2025/04/contact_from_bitbandit_image.png' business_as_usual_image: 'https://seta-training.de/wp-content/uploads/2025/04/business_as_usual_image.png' contact_from_bitbandit_image: 'https://seta-training.de/wp-content/uploads/2025/04/contact_from_bitbandit_image.png' contact_it_image: 'https://seta-training.de/wp-content/uploads/2025/04/contact_it_image.png' fight_the_virus_yourself_image: 'https://seta-training.de/wp-content/uploads/2025/04/fight_the_virus_yourself_image.png' fired_image: 'https://seta-training.de/wp-content/uploads/2025/04/fired_image.png' ignore_the_problem_image: 'https://seta-training.de/wp-content/uploads/2025/04/ignore_the_problem_image.png' keep_it_to_yourself_image: 'https://seta-training.de/wp-content/uploads/2025/04/keep_it_to_yourself_image.png' keep_your_head_down_image: 'https://seta-training.de/wp-content/uploads/2025/04/keep_your_head_down_image.png' oh_no_image: 'https://seta-training.de/wp-content/uploads/2025/04/oh_no_image.png' secuna_good_guy_storyline_image: 'https://seta-training.de/wp-content/uploads/2025/04/secuna_good_guy_storyline_image.png' secunaendingsuccessful_image: 'https://seta-training.de/wp-content/uploads/2025/04/secunaendingsuccessful_image.png' secunaendingunsuccessful_image: 'https://seta-training.de/wp-content/uploads/2025/04/secunaendingunsuccessful_image.png' track_down_bitbandit_image: 'https://seta-training.de/wp-content/uploads/2025/04/infiltrate_image.png' infiltrate_image: 'https://seta-training.de/wp-content/uploads/2025/04/infiltrate_image.png' locker_image: 'https://seta-training.de/wp-content/uploads/2025/04/locker_image.png' successful_image: 'https://placehold.co/500' unsuccessful_image: 'https://placehold.co/500' check_social_image: 'https://seta-training.de/wp-content/uploads/2025/04/check_social_image.png' check_social_image1: 'https://seta-training.de/wp-content/uploads/2025/04/check_social_image1.png' check_social_image2: 'https://seta-training.de/wp-content/uploads/2025/04/check_social_image2.png' ending_image: 'https://seta-training.de/wp-content/uploads/2025/04/ending_image.png' check_laptop_image: 'https://seta-training.de/wp-content/uploads/2025/04/check_laptop_image.png' check_laptop_image1: 'https://seta-training.de/wp-content/uploads/2025/04/check_laptop_image1.png' check_laptop_image2: 'https://seta-training.de/wp-content/uploads/2025/04/check_laptop_image2.png' check_laptop_image3: 'https://seta-training.de/wp-content/uploads/2025/04/check_laptop_image3.png' check_laptop_image4: 'https://seta-training.de/wp-content/uploads/2025/04/check_laptop_image4.png' infiltrate_successful_image: 'https://seta-training.de/wp-content/uploads/2025/04/infiltrate_successful_image.png' infiltrate_unsuccessful_image: 'https://seta-training.de/wp-content/uploads/2025/04/infiltrate_unsuccessful_image.png' locker_image: 'https://seta-training.de/wp-content/uploads/2025/04/usb_locations_image1.png' usb_locations_image: 'https://seta-training.de/wp-content/uploads/2025/04/usb_locations_image.png' usb_locations_image1: 'https://seta-training.de/wp-content/uploads/2025/04/usb_locations_image1.png' usb_locations_image2: 'https://seta-training.de/wp-content/uploads/2025/04/usb_locations_image2.png' usb_locations_image3: 'https://seta-training.de/wp-content/uploads/2025/04/usb_locations_image3.png' -- [align center] {embed image: cover_image, alt: 'BitBandits'} [[INSERT COIN->start]] [align center] [[Instructions->instructions]] [cont] [align center] [[Credits->credits]] [cont] [align center] This is a choice-based storytelling game where you shape your own journey. The path you take will vary depending on the decisions you make. Created as part of a university project, it explores key concepts in information security. [cont]

[align center] <img src="https://seta-training.de/wp-content/uploads/2025/01/VB.jpg" width="250" height="auto"> [cont] [Javascript] write("<div style='text-align:center;'>Story by: <a target='_blank' href='https://www.linkedin.com/in/vito-buonassisi'>Vito Buonassisi</a></div>"); write("<div style='text-align:center;'>All images are AI generated with the help of <a target='_blank' href='https://www.midjourney.com/'>Midjourney</a></div>"); write("<div style='text-align:center;margin-top:30px;'>To get more information about the story and the process of creating this comic you can go to: <a href='https://seta-training.de/' target='_blank'>seta-training.de</a></div>"); [cont] >[[Back to the cover->cover]]

This is a choice-based storytelling game where you shape your own journey. The path you take will vary depending on the decisions you make. Typically each page has 2 parts, the first part is the main ** CONTENT ** (the text and images) and the lower part with the ** OPTIONS ** where there are one or more links to choose the next page. Certain words or letters are ** HIGHLIGHTED** like 'SecUNA', often representing IT security-specific terms. Clicking or hovering on them will provide detailed explanations. They appear like this: {reveal link: 'Click me!', text: 'Good job!'} <span class="tooltip">Hover over me! <span class="tooltiptext">Good job!</span> </span> [align center] {embed image: instructions_image} [cont] >[[Begin->start]]

config.style.googleFont: '<link href="https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap" rel="stylesheet">' config.style.page.font: 'Nunito/sans-serif 18' config.footer.center: '{back link}' fired: false -- [align center] {embed image: application_image, width: 500} [cont] Welcome to SecUNA, new applicant. Before we process your application, we need to gather some information as part of our diversity hire initiative. Let's start with your name, what is your name? [align center] {text input for: 'playerName'} [cont] >[[Start the journey->next]]

[align center] {embed image: character_selection_image} Thank you {playerName}. Which character do you want to be? [cont] >[[Male->setMale]] >[[Female->setFemale]]

gender: 'male' thumbs_up_image: thumbs_up_image_male sleepy_image: sleepy_image_male sec_una_building_image: sec_una_building_image_male -- {embed passage: 'characterSet'}

gender: 'female' thumbs_up_image: thumbs_up_image_female sleepy_image: sleepy_image_female sec_una_building_image: sec_una_building_image_female -- {embed passage: 'characterSet'}

[align center] {embed image: thumbs_up_image} [cont] Perfect! All further questions have been skipped as you meet our quota for diversity hire. Do you know what your mission will be? >[[Let's go!->introduction]]

In the near future, cyber professionals and hackers wage a relentless digital battle. Having successfully passed your interview, you are now a recruit at <span class="tooltip">SecUNA <span class="tooltiptext">A cybersecurity company</span> </span>. Your mission: to investigate and neutralize BitBandits, a notorious hacker group targeting both private and public sectors. [align center] {embed image: sec_una_building_image, width: 500} [cont] Are you ready to start your first day at your new job? >[[I was born ready!->I was born ready]]

[align center] {embed image: running_late_image, alt: 'Running late'} [cont] Whatever... You are almost late for your train! >[[Run to the train->train shoulder surfing]]

camera1_done:false -- [align center] {embed image: train_login_image2, alt: 'Logging in on the train'} [cont] You arrived on time. On the train to work, you see business people around you focused on their laptops. You grab yours to prepare for your first day. First step: log in. Which option do you choose? >[[Password->train password]] >[[Use Camera->camera]]

[align center] {embed image: train_login_image3, alt: 'Password login'} [cont] Behind you, you notice a person staring into your laptop, just waiting for you to enter your password. >[[Tell them to look away->train look away]] >[[Shout at person->train shout]] >[[Use fingerprint sensor->train fingerprint]] [if camera1_done === false] >[[Use Camera->camera 2]] [continue]

camera1_done:true -- [align center] {embed image: train_login_image, alt: 'Camera not working'} [cont] You give it a shot, but... surprise! Your camera seems to have taken the day off. >[[Use Password->train password]]

[align center] {embed image: train_login_image, alt: 'Camera retry'} [cont] You give it a shot, but... surprise! Your camera seems to have taken the day off. The person behind you is still staring at your Laptop. >[[Tell Person to look away->train look away]] >[[Shout at person->train shout]] >[[Use fingerprint sensor->train fingerprint]]

[align center] {embed image: train_login_image4, alt: 'Tell person to look away'} [cont] "Can you please not stare into my Laptop Mister? I would really appreciate it!" The man just looks irritated at your face, maybe he didn't understand you? >[[Shout at person->train shout 2]] >[[Use fingerprint sensor->train fingerprint]]

[align center] {embed image: train_login_image4, alt: 'Tell person to look away'} [cont] "Can you please not stare into my Laptop, Mister? I would really appreciate it!" The man just looks irritated at your face, maybe he didn't understand you? >[[Use fingerprint sensor->train fingerprint]]

[align center] {embed image: train_login_image5, alt: 'Tell person to look away'} [cont] You are about to shout at him, but maybe this is not the way today. >[[Tell Person to look away->train look away2]]

[align center] {embed image: train_login_image5, alt: 'Tell person to look away'} [cont] You are about to shout at him, but maybe this is not the way today. >[[Use fingerprint sensor->train fingerprint]]

[align center] {embed image: train_login_image6, alt: 'Using fingerprint'} [cont] You use your fingerprint sensor to log in and it works! Stay aware of your surroundings, especially when dealing with sensitive info like passwords in public. If possible, fingerprint or camera login is your best bet! Don't be afraid to talk to people! >[[Got it!->train peek laptops]]

screenprotector:0 -- <style> .enlargeable { max-width: 500px; cursor: pointer; transition: transform 0.3s ease; } .lightbox { position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.8); display: none; align-items: center; justify-content: center; z-index: 1000; } .lightbox img { max-width: 100%; max-height: 100%; } </style> <div class="lightbox" id="lightbox" onclick="this.style.display='none'"> <img id="lightbox-img" /> </div> [align center] <img src="https://seta-training.de/wp-content/uploads/2025/01/shoulder-surfing-screens-1.png" class="enlargeable" onclick="document.getElementById('lightbox-img').src=this.src; document.getElementById('lightbox').style.display='flex';" /> [continue] Great job! This example clearly reveals how easily the credit card information of the person in front of you can be exposed. Just imagine being a hacker in need of money... but today, you’re on the right side of things! This kind of attack is called <span class="tooltip">shoulder surfing<span class="tooltiptext">Shoulder surfing is a technique where an attacker observes in a public place to obtain sensitive information like passwords or PINs by looking over a shoulder.</span></span>. It shows why you need to be careful in public places - ensuring no one can see your screen or eavesdrop on your phone conversations. How will you handle working on the train? >[[Just work - what’s the worst that could happen?->train what if?]] >[[Work with a screen protector->train screen protector]] >[[Skip work and relax with some YouTube->train relax]]

[align center] {embed image: train_work_image, alt: 'Relaxing on the train'} [cont] Are you really that lazy, {playerName}? If you really want the job, you’ve got to put in the effort. Yesterday was ‘too late’ for you, wasn’t it haha? >[[Just work - what’s the worst that could happen?->train what if?]] >[[Work with a screen protector->train screen protector]]

screenprotector:screenprotector+1 -- [align center] {embed image: train_work_image2, alt: 'Working without protection'} [cont] What’s the worst that could happen if someone looks at your screen? Well, didn’t you just peek at someone else’s screen and see their credit card info? Now imagine them using your credit card to book a trip to Hawaii. Or worse, snooping on company files or personal stuff you’ve carelessly left open. Think of what the shareholders would think! Be careful - especially as an aspiring security expert, you should know better! >[[Skip work and relax with some YouTube->train relax]] >[[Use Screen Protector->train screen protector]]

[if screenprotector===0] Good job! Straight to the right decision! Gotta protect yourself from weirdos... Even if you were the weirdo five seconds ago. [continue] [align center] {embed image: train_work_image3, alt: 'Using a screen protector'} [cont] Working on the train might not be the best idea, but you’ve got no choice. At least you have a screen protector to keep others from peeking at your screen and protect yourself from shoulder surfing. That’s something! >[[Go to work->Creep]]

[align center] {embed image: train_creep_image, alt: 'Creepy stranger says goodbye'} [cont] As you walk out the train and head to your job, the stranger behind you looks directly into your eyes and says, [align center] "Bye {playerName}" [cont] <i>What a creep</i>, you think! He indeed looked at your laptop! At least you did not show any sensitive information... Next time you will call him out! >[[Start your first day->work first day]]

-- [align center] {embed image: work_first_day_image} [cont] Your first day consists of onboarding—quite dull—so you start by observing and getting familiar with your tasks as a Junior Cyber Security Specialist. Director Langston is introduced as your direct supervisor. > [[Work work work->work time passed]]

-- [align center] {embed image: work_time_passed_image} [cont] Some time has passed... Miraculously, despite it being your first day, your know-how gets you noticed and you are promoted out of obscurity. You're now an Associate Cyber Security Agent. You sit in a sleek, high-tech conference room in SecUNA HQ. Giant monitors display real-time network attacks across the globe. Suddenly the busy commotion stops as the head of SecUNA, Director Langston, addresses you and your fellow recruits: “BitBandit's ransomware is locking hospital systems across the region. Medical devices, patient records, even life-support systems—everything is at risk. We've traced the source to a compromised node, but time is short. We must act now.” >[[Hack Back->Hack back]] >[[Secure the Systems->Secure the Systems]]

-- [align center] {embed image: hack_back_image} [cont] You decide to access SecUNA's cyber arsenal and attempt to trace BitBandit's servers through their ransomware. Just as the trace nears completion, BitBandit detects you. Your screen flickers with a mocking message: “Think you're smart xD? Try again.” SecUNA's server defenses light up with incoming attacks. Langston pulls you aside. “First day, huh? I know you want to catch these hackers as much as I do, {playerName}, but today you put all of SecUNA at risk. Not only did we fail to protect the hospitals, but BitBandit has accessed some of our other clients, too. That said, we did uncover part of their location—something we haven't managed in over a year. Take a seat.” >[[Sit down->Sit down]]

-- [align center] {embed image: secure_the_systems_image} [cont] You focus on blocking the ransomware, deploying emergency patches, and cutting off BitBandit's connection. Hospitals need to keep running, and lives depend on it. You quickly deploy the anti-ransomware and stop BitBandit in their tracks. But as you try to track down their location, they disconnect and a taunting message flashes across your screen: "Too slow. Better luck next time, bot." Langston pulls you aside. "First day, huh? You did good, {playerName}. Thanks to you, we protected the hospitals, even if BitBandit has slipped away again. Take a seat." >[[Sit down->Sit down]]

mailcheck:0 leaked:0 -- [align center] {embed image: sit_down_image} [cont] Langston leaves a confidential file on the desk while he goes to the toilet. You try not to look, but the headline catches your eye. It details how poor cybersecurity practices at hospitals made the attack possible. If you release the information, it could help other hospitals and prevent future attacks. But it could also cause chaos, as the information is sensitive and could be misused. And if it isn't released, hospitals may not have as much pressure to upgrade their systems, leaving them vulnerable. <i>Releasing this could save lives, but it could also cause chaos. The choice is yours</i>, you think for yourself, <i>on the other hand, this could also cost you your job</i>. What will you do? >[[Leak the report->leak the report]] >[[Keep it confidential->keep it confidential]]

-- [align center] {embed image: keep_it_confidential_image} [cont] You work with SecUNA to quietly help hospitals strengthen their systems. Progress is slow, and BitBandit strikes another hospital, this time causing harm. Though there's no public outcry, SecUNA's resources are stretched thin, and successive attacks succeed. >[[Pursue everyday work->pursue everyday work]]

leaked:leaked+1 -- [align center] {embed image: leak_the_report_image} [cont] You anonymously send the report to a journalist. The next day, headlines expose hospitals' poor cybersecurity. Patients cancel appointments, but the government steps in with emergency funds to improve defenses. While security is upgraded, trust in the system crumbles, and hospital visits drop. >[[Pursue everyday work->pursue everyday work]]

phishing_done:false email_checklist:0 check_sender_done:false check_links_done:false check_attachment_done:false -- <style> .enlargeable { max-width: 500px; cursor: pointer; transition: transform 0.3s ease; } .lightbox { position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.8); display: none; align-items: center; justify-content: center; z-index: 1000; } .lightbox img { max-width: 100%; max-height: 100%; } </style> <div class="lightbox" id="lightbox" onclick="this.style.display='none'"> <img id="lightbox-img" /> </div> [align center] <img src="https://seta-training.de/wp-content/uploads/2025/04/Phishing1.png" class="enlargeable" onclick="document.getElementById('lightbox-img').src=this.src; document.getElementById('lightbox').style.display='flex';" /> [continue] Later, an encrypted email arrives in your private inbox. After decoding it, you see it's from the Help Desk. >[[Inspect email->inspect email]] >[[Verify Sender->inspect email]] >[[Sandbox the Email and Check it->inspect email]] >[[Open email->Open email]]

mailcheck:1 -- [JavaScript] let checks = ""; for (let j = 1; j <= email_checklist; j++) { checks += `<img src="${engine.state.get('check_mark_image')}" alt="check-mark" width="30" height="30">`; } for (let k = email_checklist + 1; k <= 3; k++) { checks += `<img src="${engine.state.get('empty_check_image')}" alt="empty-check" width="30" height="30">`; } write('<div style="text-align:center;font-weight:bold;">Checks done:</div><div style="text-align:center">' + checks + '</div>'); [cont] <style> .enlargeable { max-width: 500px; cursor: pointer; transition: transform 0.3s ease; } .lightbox { position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.8); display: none; align-items: center; justify-content: center; z-index: 1000; } .lightbox img { max-width: 100%; max-height: 100%; } </style> <div class="lightbox" id="lightbox" onclick="this.style.display='none'"> <img id="lightbox-img" /> </div> [align center] <img src="https://seta-training.de/wp-content/uploads/2025/04/Phishing1.png" class="enlargeable" onclick="document.getElementById('lightbox-img').src=this.src; document.getElementById('lightbox').style.display='flex';" /> [continue] [if email_checklist < 3] Good job on checking the email first. You check for the common things: [unless check_sender_done] >[[Check sender ->email check sender]] <br> [continued] [unless check_links_done] >[[Inspect Links ->email inspect links]] <br> [continued] [unless check_attachment_done] >[[Check attachments ->email check attachments]] <br> [continued] [if email_checklist >= 3] Good job, you first checked all the <span class="tooltip">common red flags <span class="tooltiptext">Always check the sender for plausibility. If you're asked to click on a link or open an attachment, verify it first. Messages that seem out of context should raise a red flag </span> </span>. to prove it is a real email. What do you want to do? >[[Report email->report email]] >[[Open email ->Open email]]

-- [align center] {embed image: report_email_image} [cont] Your quick thinking helps stop the breach before it can do serious damage. The IT team credits your report as the reason they caught the malware's behavior early. You're invited to assist in the post-mortem and help rewrite the company's phishing response protocols. It's not glamorous work—but it's important, and you know it. Weeks later, a new policy gets circulated through the company... and your name is on the contributors list. >[[Continue Working->continue working]]

-- [align center] {embed image: continue_working_image} [cont] You continue working at SecUNA, when Langston comes over. "{playerName}," he says, "you've been doing great work here. How would you like to join me on a special project? We're building a team to take down BitBandit once and for all." At the same time, you notice a post-it note on your desk. It's a message from BitBandit. Since you didn't open his email, he found another way to contact you. Hackers sure are persistent, aren't they? "{playerName}," it reads, "we know you didn't open the email. We need people like you who want to do the right thing. If you want answers, go to the main bus station, locker 428. Come alone." Somehow Langston doesn't notice you reading the note right in front of him. And for some plot reason, you decide not to tell Langston about the note either. What will you do? >[[Join Langston->SecUNA good guy storyline]] >[[Go to the locker->locker]]

-- [align center] {embed image: open_email_image} [cont] [if mailcheck > 0] Oh no... you accidentally clicked on the attachment although you saw the email was suspicious. It appears to be a briefing document. Moments later, your computer starts behaving erratically, and a message appears: “BitBandit thanks you for your contribution." [else] You click the attachment, which appears to be a briefing document. Moments later, your computer starts behaving erratically, and a message appears: “BitBandit thanks you for your contribution." [continued] What just happened? [after 3 seconds] You just got phished! [continued] <blockquote class="warning"> Phishing is a technique where attackers impersonate trusted entities to trick individuals into revealing sensitive information or downloading malicious software. This can lead to data breaches, identity theft, and financial loss. It stands for "Password + Fishing" You should always check for these things first:<br> - sender<br> - links<br> - attachments And don't forget that language is important, as well as if you expect the email. </blockquote> >[[Check the red flags again->Check the red flags again]] >[[Run Diagnostic Tools->Fight the virus yourself]] >[[Contact IT to report the breach->Contact IT]] >[[Ignore the problem->Ignore the Problem]] >[[Keep it to yourself->Keep it to yourself]]

-- [align center] {embed image: fight_the_virus_yourself_image} [cont] The last thing you want is anyone knowing you fell for such a simple trap. Confident in your skills, you run diagnostic tools and work to contain the virus yourself, hoping SecUNA's data remains secure. You find and purge the virus, but it is already too late. The time it took you to deal with the virus allowed BitBandit to gather enough evidence against you to expose you as the reason the weakness in the hospital's security was covered up. >[[Oh no...->Oh no...]]

-- [align center] {embed image: ignore_the_problem_image} [cont] You successfully ignore the problem. Not much time later BitBandit gathers enough evidence against you to expose you as the reason the weakness in the hospitals' security was covered up, since you opened the email. >[[Oh no...->Oh no...]]

fired: true -- [align center] {embed image: oh_no_image} [cont] The chain reaction is severe. You're officially fired from SecUNA and publicly denounced by the executive team. As you clear your desk, Langston calls you to his office. “Look, {playerName}, we both know you messed up, but I have a proposition. I'm forming a team to take down BitBandit. It's outside company jurisdiction, so no red tape. The team's made up of people with their own reasons to go after them. You in?” As you weigh your options, another thought crosses your mind: you could respond to the phishing email from BitBandit's domain. It's risky, but it might open a line of communication—and an opportunity to outsmart (or join) them. >[[Join Langston->SecUNA good guy storyline]] >[[Reach out to BitBandit->Contact from BitBandit]]

-- [align center] {embed image: keep_it_to_yourself_image} [cont] You realize that if it gets out you received an email from BitBandit, Langston would be furious with you. And you know, that somehow you probably got hacked. Over the next few days, you're certain this will blow up in your face, but for some reason, nothing happens. It seems the email was harmless after all. But why? >[[Do business as usual->Business as usual]] >[[Reach out to BitBandit->Contact from BitBandit]]

-- [align center] {embed passage: 'BitBandit Message'} [cont] Your days blur as you handle security breaches for SecUNA's clients. >[[Let's see->fired]]

fired: true -- [align center] {embed image: fired_image} [cont] On a rainy day, Director Langston walks into your office. You are officially fired from SecUNA and publicly denounced by the executive team. An anonymous source has sent them a message claiming that you installed a virus on company network, and the evidence has been traced back to you. Perhaps the email wasn't as harmless as you thought. Despite your protests, no one believes it wasn't intentional. After all, you could have reported it later—and the signs should have been clear. >[[Now what?->Contact from BitBandit]]

-- [align center] {embed image: contact_it_image} [cont] Good job on reporting the breach, even if you already opened the email! You realize you've messed up, putting SecUNA at risk, but hey, at least you still have your job. IT scrambles to contain the breach, but BitBandit accesses critical data. While SecUNA's files remain secure, they seem to have stolen details about your private online activity - though you're unsure what. Langston is furious. “If I needed something from you, I'd ask in person!” he snaps. >[[Keep your head down->Keep your head down]]

-- [align center] {embed image: keep_your_head_down_image} [cont] Good job on reporting the breach! But it'll be best for everyone if you just put this experience behind yourself. >[[Let's see->Contact from BitBandit]]

-- [align center] {embed image: bitbandit_message_image} [cont] After some time, you get directly contacted by BitBandit. "Listen," the message reads, "I know we don't always see eye to eye, but I think we can help each other."

-- [align center] {embed image: contact_from_bitbandit_image} [cont] You try to ignore it, but the fact remains that BitBandit actually contacted you <span class="tooltip">without ill intent<span class="tooltiptext">Well, probably, at least.</span></span>. Surely it wouldn't hurt to reach out to them? Curiosity wins, and you write back. The email bounces, but soon you get a text: [if leaked > 0] “We know that you leaked the report. We need people like you on our team which fight for the right thing. You can also stay with SecUNA, but we will destroy you and SecUNA, since you are only profiting from poor security standards and not really helping institutions like hospitals. If you want answers, go to the main bus station, locker 428. Come alone.” [else] "You're on the wrong side. We know about your hospital reports. You didn't leak them, leaving the institutions like hospitals stranded. The only one profiting is you. We'll destroy you and SecUNA. We'll give you a chance to join us. If you want answers, main bus station, locker 428. Come alone." [continued] [if fired] You're not sure what to think. You've been fired from SecUNA, and now BitBandit is offering you a chance to join them. It's a risky move, but it could be your only option. With no other options and no job to fall back on, BitBandit doesn't seem like such a bad group after all. Listening to what they have to say might not be the worst idea. >[[Now what?->locker]] [else] You're not sure what to think. You've been working for SecUNA, and now BitBandit is offering you a chance to join them. It seems like the wrong thing to do, but maybe there's more to the story than you know. >[[Work with BitBandit->locker]] >[[Work with SecUNA->SecUNA good guy storyline]] [continue]