Process of phishing test
Here's how we help improve your team's response to phishing
What is a Phishingtest?
A phishing test is a test to find out how resilient and aware you are as an organisation when hackers make use of the most common means of attack: the e-mail. We developed this because damage caused by phishing increases every year. Phishing is “fishing” for fraud-sensitive data. Hackers are increasingly sophisticated when it comes to stealing e-mail data. They also use this method to install ransomware or other harmful software within your organisation, with all its consequences.
What does a Phishingtest involve?
A phishing test means that everyone in your organisation receives a fictitious e-mail, just like they regularly do in real life. In the e-mail, employees are tempted to click on the link it contains. If they click, we try to get them to provide their password to our untrusted site. Next, we offer them a download of an Office document containing a macro: software that is built into the document and that runs when the document is opened. If, that is, users ignore several warnings their computer will give them. In all stages, we take detailed measurements of behaviour and response.
How can I use the results?
A phishing test is not just a security awareness tool. It provides you with opportunities to make technical improvements as well. Aside from detailed information about how users respond to these e-mails, how strong their passwords are, and how behaviour correlates with departments and locations, you will get detailed technical info about anti-spam and anti-phishing measures you could take. And if that’s not enough, you get insight into what devices and browsers people are using, and whether these are up-to-date with security patches.
Is this not just a snapshot in time?
Yes it is. That’s why we developed Phishing-As-A-Service. With this service, people don’t get a phishing e-mail all at the same time, but spread out over a month or quarter. People don’t get the same e-mail: everyone gets a random message from our large library of phishing scenarios. This gives you continuous insight into user behaviour, and can make the effect of awareness efforts measurable: our dashboard shows you a day-by-day running total of clicks, logins and infections, in percentages per department and location. This means you can precisely focus awareness efforts where they’re most needed.
Contact Securance
Feel free to reach out to us with any questions you might have.
