Level 2- 2025 CAM Scavenger Hunt!

Posted by Locke Motley Posted on October 3, 2025
A picture of zeros and ones on a green background.

Level Two steps up the challenge from Level One. You’ll still be exploring the Berry Cybersecurity News and Alerts site, but this time you’ll need to dig a little deeper. Each question will include a hint—but thinking outside the box will be key. To keep things simple, remember to submit all answers in lowercase. Good luck, and happy hunting!

    Question 1: Generative artificial intelligence (AI) took a powerful leap forward recently. With the advent of Google’s Veo3 generative AI model, videos generated by AI are getting close to indistinguishable from actual events. We will all have to be much more careful with anything posted online or delivered to us via social media or email. That includes phishing emails we receive by the hundreds each week. Attackers use generative AI to write their phishing emails. This makes them pretty convincing, but the basic red flags for spotting phishing emails are usually still applicable. I list out many of them on the Phishing Quick Info page on this site, but the ones to keep in mind now are, one, you don’t have any kind of relationship with the sender, business or personal, and two, it is “______” you reply, for any number of reasons. Keep these two red flags in mind as you attempt to spot phishing emails that manage to slip past our email filters. This will only become more and more important as attackers get more sophisticated.

    Question 2: These two parts depend on YOU to implement them. While we as the Office of Information Technology (OIT) can mandate strong passwords, MFA, and phishing training, much like the government mandates seat belts be installed in every vehicle, you have to do the work of using good, unique passwords and strong MFA methods like the Microsoft ________. You also have to take the time to learn how to recognize phishing emails. These two elements are just like you having to be the one to put on your seat belt in a vehicle. Failing to do both of these things is like buckling that seat belt behind you in the seat. It can result in not only losing control of your account to an attacker, but can open up your various accounts and the information and systems you are entrusted to protect, both personally and professionally, to theft and destruction. (Hint: Look for a seatbelt on the website)

    Question 3: When posting on social media, it’s essential to prioritize protecting your privacy. The first step is to be mindful of the information you share publicly. Think twice before posting personal details in your profile, such as your address, phone number, or particularly any financial information. Additionally, avoid sharing identifying photos or updates that could reveal sensitive information about yourself. For example, it’s great to share photos and videos about your vacation and the great (or not so great) times you are having, but the time to post these is _______ you return. While your images may not have the immediacy they would have if you posted while on vacation, they also don’t advertise the fact that you are currently away from your home, possibly even out of the country. Announcing this invites bad actors to attempt to social engineer you or even attempt to break into your home. (Hint: Welcome to Data Privacy Week!)

    Have you uncovered the key to unlock Level Three?
    To move forward, submit your name and email.
    Your answers will be sent to you—along with instructions for what’s next.
    But remember: only the right responses will illuminate the way.
    Choose carefully… the challenge is just heating up.

    Featured image

    (Visited 99 times, 1 visits today)