Ransomware and Business Email Compromise are the two most financially damaging cyber attacks on Malaysian organisations. Together they account for the majority of reported cyber losses — and both succeed primarily because staff do not recognise them until it is too late. This 1-day programme changes that.
Participants leave knowing exactly how these attacks work, what the warning signs look like in real email and system scenarios, and what to do in the first critical hours of an incident.
HRD Corp SBL-Khas Claimable
8:30 AM – 9:00 AM
Registration & Welcome
Participant registration, programme overview, and objectives.
9:00 AM – 10:15 AM
Understanding Ransomware
How ransomware enters organisations — phishing, RDP, vulnerable software; encryption and extortion mechanics; double extortion and data leak threats; ransomware-as-a-service and affiliate models; real Malaysian and regional incident examples.
10:15 AM – 10:30 AM
Break
10:30 AM – 12:00 PM
Business Email Compromise
Anatomy of a BEC attack; CEO fraud and executive impersonation; invoice and payment fraud; fake vendor account changes; account takeover via phishing; why BEC causes larger financial losses than ransomware; Malaysian police report statistics and case studies.
12:00 PM – 1:00 PM
Lunch
1:00 PM – 2:15 PM
Recognising the Warning Signs
Red flags in emails: domain spoofing, display name deception, urgency cues, unusual sender patterns; signs of ransomware activity on your device or network; what a compromised email account looks like from the inside; practical exercises using real-world examples.
2:15 PM – 3:15 PM
Prevention & Safe Habits
Multi-factor authentication explained simply; safe link and attachment handling; payment verification procedures that stop BEC; backup fundamentals and why offline backups matter; what IT controls are protecting you and what gaps remain.
3:15 PM – 3:30 PM
Break
3:30 PM – 4:15 PM
When You Are Under Attack
Immediate response steps for ransomware: isolate, do not pay immediately, preserve evidence; immediate steps for BEC: contact your bank within the hour, do not delete emails; reporting to NACSA, PDRM Cybercrime Division, and Bank Negara Malaysia; what information authorities need from you.
4:15 PM – 4:45 PM
Assessment
Individual written assessment. 70% pass mark required. One resit permitted within 14 days.
4:45 PM – 5:00 PM
Closing Remarks & Certificate Presentation
Programme wrap-up, open Q&A, and certificate presentation.
All staff with email access, particularly those in finance, operations, procurement, and administration. Business owners and SME management. IT helpdesk and operations teams. Any employee who handles payments, approves transactions, or manages vendor relationships.
Level Foundational — suitable for all staff regardless of role or technical background
Duration 1 Day | 8:30 AM – 5:00 PM
Training Mode Physical / In-House
Venue Kuala Lumpur, Malaysia, or in-house at client's premises
Assessment Written knowledge check — 70% pass mark. One resit within 14 days.
Certificate Certificate of Completion issued by Orbix Tech Sdn Bhd upon successful assessment and full attendance
Includes Training materials, workbook, assessment, and Certificate of Completion. Participants responsible for travel and accommodation.
Price RM 1,750 per participant — Contact us to register or enquire about group rates
