October is internationally recognised as Cyber Security Awareness Month. To support this important public awareness campaign, we will be sharing our experience and good practices. We have combined the results of 125,940 phishing simulations that were launched within companies from a diverse set of industries.
What is phishing?
Phishing is used by criminals to install malicious software on your computer or to steal your password. In an e-mail or other communication, you are usually asked to click on a link, enter your password on a fake website or to open an attachment. The communication is made to look as though it comes from a trusted sender.
How do our phishing campaigns work?
STEP 1: BASELINE PHISH
We start with a baseline test, which is the first step in creating awareness. The baseline test identifies the phish-prone percentage of employees, and the data is used to measure future success.
STEP 2: E-LEARNING
Security awareness e-learning educates employees on how to recognise phishing and how to respond.
STEP 3: MORE PHISHING SIMULATIONS
To reinforce the training and keep the awareness level high, regular simulated attacks are key. These attacks are based on real attacks and the latest methodologies.
STEP 4: MEASURE AND ANALYSE
We measure employees' training activity and phishing results. This allows us to identify the most vulnerable employees and to target them more efficiently.
- 50% of phishing messages were opened by the target across all campaigns
- 27% went on to click the malicious attachment or link
- 10% entered their password or other confidential information
Create your human firewall
The above results show a significant drop from 35% to 12% over the period of one year. This proves that phishing simulation campaigns are key in creating awareness amongst employees and protecting your company.
Ready to start phishing your employees? Find out what percentage of your employees click on a phishing e-mail and enter their password. Identify vulnerabilities within your company. Start today!