Phishing Testing
In today’s world, Phishing is a common attack vector used by bad actors against organizations & individuals, involving fraudulent emails designed to lure or entice employees into accesing the email, opening malware-infected attachments or programs, clicking on malicious links, and so on – or even forwarding the fraudulent email to others. (!) A Simulated Phishing test allows you to evaluate your team’s ability to detect and handle fraudulent email – without the consequences of the real thing.
This service is a discovery exercise that is executed with the involvement and knowledge of a few key people within an organization. We then send emails to your user community that are designed to entice them to open the email, click on embedded links, etc. The testing approach is similar to what a cybercriminal would do, and can be complete with bespoke addresses, email content, and even full websites for added legitimacy.
The difference between us and a would-be cybercriminal is that the end goal of conducting such a discovery exercise is added security for the organization, and not a data breach.
Results & Reporting
Whether the Simulated Phishing is successful in deceiving employees or employees are able to detect and avoid it, our discovery and reporting provides valuable information – and potentially actionable takeaways – about your security posture and the company’s exposure to Phishing risk.