Cyber Security

Phishing Test

A phishing test is a test to find out how resilient and aware you are as an organisation when hackers make use of the most common means of attack: the e-mail. Watch live while your colleagues take our bait… and learn how to better spot phishing in the future.

Monitor phishing response in real-time

Securance's phishing dashboard shows live updates

Process of phishing test

Here's how we help improve your team's response to phishing

What is a Phishing Test?

A phishing test is a test to find out how resilient and aware you are as an organisation when hackers make use of the most common means of attack: the e-mail. We developed this because damage caused by phishing increases every year. Phishing is “fishing” for fraud-sensitive data. Hackers are increasingly sophisticated when it comes to stealing e-mail data. They also use this method to install ransomware or other harmful software within your organisation, with all the consequences that entails.

What does a Phishing Test involve?

A phishing test means that everyone in your organisation receives a fictitious e-mail, just like they regularly do in real life. In the e-mail, employees are tempted to click on the link it contains. If they click, we try to get them to provide their password to our untrusted site.

Next, we offer them a download of an Office document containing a macro: software that is built into the document and that runs when the document is opened, provided that users ignore the several warnings their computer will give them.

In all stages, we take detailed measurements of behaviour and response.

How can I use the results?

A phishing test is not just a security awareness tool. It provides you with opportunities to make technical improvements as well.

Aside from detailed information about how users respond to these e-mails, how strong their passwords are, and how behaviour correlates with departments and locations, you will get detailed technical info about anti-spam and anti-phishing measures you could take.

And if that’s not enough, you get insight into what devices and browsers people are using, and whether these are up-to-date with security patches.

Is this not just a snapshot in time?

Yes, it is. That’s why we developed Phishing-As-A-Service. With this service, people don’t all get a phishing e-mail at the same time; the e-mails are spread out over a month or quarter. People don’t get the same e-mail either: everyone gets a random message from our large library of phishing scenarios.

This gives you continuous insight into user behaviour, and can make the effect of awareness efforts measurable: our dashboard shows you a day-by-day running total of clicks, logins and infections, in percentages per department and location. This means you can precisely focus awareness efforts where they’re most needed.

What does a Phishing Test involve?

A phishing test means that everyone in your organisation receives a fictitious e-mail, just like the ones hackers send. In the e-mail, employees are tempted to click on the link it contains. They are then (usually) redirected to a special website, where we try to obtain more data from the employee and/or the organisation. We don’t use this data for anything; we only report what happens and whether there is work to be done to raise awareness. Hackers, on the other hand, use the information they gain to achieve their goal. Often that goal is to get hold of business-critical data and to actually start using it if their demands are not met, or to make money by reselling it. Nowadays, we also often see that the end goal is not the organisation itself, but its customers.

What is in a Phishing test?

A good phishing test consists of:
  • a realistic scenario, often related to the organisation or promising that recipients get something for free or have a chance at it.
  • an e-mail with a button with a link underneath.
  • if necessary, an attachment added to the e-mail.
  • a landing page with the possibility to submit more data.

Why is this the ideal test?

This is the ideal test because you are challenged on several levels. Firstly, a realistic scenario is used to objectively measure how many employees click on the link in the e-mail and how much data they actually leave behind. We also take a number of technical issues into account, such as operating systems and browser versions, and look at how technical security can be improved. We also test the incident response: how long it takes before the phishing e-mail is reported and what actions IT takes. Finally, we raise the level of awareness by sharing the results of the test within the organisation, together with specific do’s and don’ts. This is why we help to put the results of the phishing test in the spotlight in a good way.
