What is Phishing?
Phishing, unlike SPAM, has malicious intent to it. Phishers are looking to gain access to your device and personal information, intending to use this knowledge for immoral purposes.
Attackers would often deploy social engineering where they attempt to manipulate, influence, or deceive you. They would direct you to a fake website that resembles the original by providing a link within the email. You would then be prompted to enter additional information. Other types include:
- Spear Phishing
- Evil Twin
Click here to read our blog on SPAM and phishing.
Phishing might sound scary but there are ways to reduce and prevent the risk. Simple steps such as marking unwanted emails as SPAM and keeping personal information private can go a long way.
Research has shown that user awareness can greatly help in reducing the impact of phishing on your business as it helps users recognise and ignore (or report) these attacks. To this end we offer a service that carries out regular simulated phishing campaigns to ensure your users are vigilant and alert to these types of email.
This service is designed to help you identify those users who cause the largest attack surface, i.e. who is clicking the most links and/or opening the most attachments within phishing emails as well as keeping general alertness high. From the data collected, we can then initiate appropriate training for users that would most benefit from it.
How does it work?
First, simulated phishing emails from an extensive library of authentic looking email templates are sent out to each user to test their phishing and social engineering awareness. These emails can contain links and/or attachments to entice the users to click, the same way an attacker would.
From there, data of all user-interactions with the simulated emails are recorded within the platform. These interactions include opening the emails, opening attachments, replying to emails, and entering data into spoof landing pages.
Users can then receive real-time feedback if they failed the simulated campaign. This can be followed by automated targeted training videos and knowledge assessment quizzes.
Practice makes perfect. Which is why it really pays in the long run to regularly phish and train your users. It’s cost effective too! It is recommended that a campaign is run every few weeks. The process is quick and easy, but most importantly, we can handle it all for you.