Phishing mails are among the most frequent (and most effective) methods of attack today.
In a phishing simulation, we send phishing mails specifically customized to your requirements to the list of mail addresses provided by you (in most cases employees of a company or organization).
The individual scenarios (mail content, attachments, link, landing page etc.) are discussed with you in advance and tested before sending the phishing mails.
After the attack, you get a detailed assessment of the clicks, attachments opened, access data collected etc.
- Opened mails
- Attachments executed
- Links clicked
- Downloaded and executed software
- Form data entered
- Detection of the installed browsers
The campaign can also be carried out anonymously, so you do not know in detail who performed the corresponding actions (possibly necessary for legal or business reasons).
The results will subsequently serve for planning an awareness campaign for your colleagues and as a baseline for comparison with a possible, another phishing campaign carried out after the training – the numbers should then show an improvement in security.
Possible goals of a phishing awareness campaign for employees:
- How does one recognize phishing mails?
- Think before you click
- Information about possible consequences for the company if employees fall for phishing
- Information about the working method and reasons for phishing: What did the attackers aim at?
It would be best to carry out 2-3 campaigns with different scenarios to achieve a meaningful result.
You get a written report with detailed statistics for each of the scenarios.
If you have questions or want an offer for conducting a phishing campaign, please contact us.