Phishing Simulations: Will your users take the bait?
By Richard Pardoe
What is phishing?
Phishing is where an attacker will send you an e-mail acting as a trusted entity (like your bank or someone you know) to obtain your sensitive information such as credit cards and passwords. You may also be asked to download malicious files which look legitimate.
What is Phishing Awareness and Why is it so Important?
Phishing awareness involves training your employees to make your business less likely becoming a victim of phishing. Employees need to know what a phishing e-mail looks like, how to react to one and how it can affect the organisation they work for and themselves.
Why should you take phishing awareness so seriously?
If you ignore phishing awareness this makes your business and employees more vulnerable and more likely to be a victim of a phishing attack. Between 80 - 90% of hacks and data breaches involve users falling victim to a phishing attack. It must also be stressed that it only requires one employee to click a suspicious e-mail which can lead to catastrophic consequences. It is also recommended that you do phishing awareness training once a month to ensure your employees are always aware of the threat of phishing.
Kevin Mitnick, a computer security consultant and once the worlds most wanted hacker says “your users are the weak link in your network security. They need to be trained”.
Damon Rands, CEO of Wolfberry Cyber Security Ltd says “The threat of phishing is more real than ever. It is vital you test your employees regularly and it must be stressed that all it takes is one employee to be a victim of phishing which can put your entire organisation in danger”.
What can you do?
Wolfberry run bespoke and relevant simulations designed to fully test your users. These awareness tests give you a true reflection of the effects of phishing to your organisation, unlike templated off-the-shelf phishing simulations. On average, 14% of users click on links during these exercises, demonstrating just how effective these attacks are.
If you are interested in finding out more about phishing awareness and want to make your business less likely to be a victim of phishing, contact phishing@wolfberrycs.com
Sources