Phishing training of employees
We plan and execute simulated phishing attacks to train your employees to detect and respond to malicious email-attacks. Through advanced metrics the organization can track risk behaviour of employees and departments and build cyber awareness.
Interested in phishing training of your employees?
Common Phishing Variations
Regular Phishing
A non- or semi-targeted attack against a large number of targets. Generally not very sophisticated, relying on the sheer quantity of recipients to hope that at least some of them are tricked.
Spear Phishing
A more sophisticated attack against specific target (organizations or even individuals), using knowledge of the target to craft the attack. These attacks often attempt to trick the recipient by posing as a legitimate and relevant source, which may be business partners, authorities within the target organization, government agencies or other sources that the recipient may genuinely expect to be contacted by.
Whale Phishing
An even more specific type of Spear Phishing, aimed at a single targeted indivudal. These types of attack require considerable preparation and careful crafting, giving that there is only one recipient, and success is entirely dependent on this one target being fooled by the attack. A successful attack of this type can do tremendous damage, if the attacker is then able to leverage the victim’s authority within the organization, or make use of their access to highly sensitive information and systems to perform follow-up attacks.
Common phishing techniques:
Posing as legal, financial, or governmental institutions to lend an air of authority
Implying an immediate need for action on the part of the recipient, such as by implying a time limit until loss of access to a system, that the recipient has been recently hacked, or that a lack of action will result in a heavy fine or legal action
Implying great financial gain if action is taken
Mimicking the visual design and mannerisms of well known and used services, sending messages the recipient would expect from the services in question.