What we do
After we send our phishing emails to your employees, we track who opened, clicked and then entered their credentials into our fake web pages. We are then able to present you with statistics, broken down by company department, location, or any other metric you’d like.
Preparation is key to giving you accurate results and making the simulation as realistic as possible. To create authentic and believable scenarios, we couple this Phishing Simulation with our Online Exposure Assessment.
We go through the actions of an attacker to set up a believable email phishing campaign, including:
- Registering domain names similar to your company name and sending emails using that domain.
- Carefully constructing emails (either HTML or plaintext format), using a credible scenario that entices recipients to open and click on the embedded link
- Analysing the results to create revealing statistics (e.g. number of emails opened; how many users clicked the link; how many of those users entered credentials).
Results from the phishing simulation can then be grouped into your departments, showing you any particular teams that are prone to introducing risk into the business and may require Staff Security Awareness Training.
Related
- Quick Guide: Understanding Ransomware - It has become all to familiar, reading the news and coming across a story about a ransomware attack. But what
- Phishing – A straightforward guide to a common problem - How do you spot a phishing attack? There are a number of ways to check if an email is suspicious.
- Are phishing assessments worth the money? - Security suppliers offer phishing simulations that aim to assess the susceptibility of your employees to a phishing attack. But are