Therefore it is vital to understand how your workforce handles real life phishing attacks, and improve the detection and reporting rate. Whether it is a generic phishing attempt sent to many users of the internet, or a campaign that is specifically targeted to your company to breach your first line of defense, both could lead to a serious breach of your organization.
Secura offers three types of phishing services, depending on the needs of your organization:
- Broad phishing attempt of all employees with standardized scenario's for training and awareness purposes. Our platform lets you choose from a number of templates for the phishing mail, all with their own scenario and landing page.
Each scenario leads to a landing page, where a message is displayed that informs the user that this was, in fact, a phishing attempt. The page further provides guidance on how to recognize such e-mails in the future. Optionally, users can be asked to enter their credentials before this message is shown, in order to measure their willingness to disclose their passwords. This metric is especially good to measure the progress of awareness campaigns over time.
- Targeted spearphishing with the goal of extracting credentials from employees. The scenarios used for these spearphishing emails will be based on so-called OSINT (Open Source Intelligence) data that will be gathered about your organization and employees to increase the likelihood that the phishing attempt will work. This type of phishing service resembles a real world attacker that is specifically targeting your organization.
- Custom phishing that is specifically tailored to your needs. For example phishing with malicious office documents to emulate real world APT-groups or ransomware infection vectors.
Finally, Secura's phishing services can be combined with either our SAFE program to change the behavior of your employees towards a more secure way of working, or with Secura's Red Team and Pentesting services to determine the real world impact of successful phishing campaigns.
