Ever wonder how your team would respond to a phishing email? ITS can help you administer phishing assessments to find weaknesses and allow you to train in specific problem areas.
Over 80% of viruses, ransomware, data leaks and other IT nightmares are initiated with a click in an email. The click may download a file, lead to a virus-laden website, or encourage users to enter credentials on a fake portal.
Phishing Assessments allow us to systematically develop emails that look realistic but also mimic current email threats. If users engage with our assessment emails, their clicks are noted and flagged for follow-up. No viruses are downloaded, and no embarrassing pop-ups announcing the user’s failure to identify the email as spam. This allows for targeted training and education opportunities: we can follow-up with specific users and/or we can follow-up with more samples of the types of emails that generated the most clicks.
Cybersecurity experts estimate that Ransomware will attack a business every 14 seconds.
Social Engineering Calls
If your company is also vulnerable to phone calls that request personal information, login credentials, etc., ITS can also provide targeted phone calls to test responses to requests for information.
Prevention is the Best Medicine
Unfortunately, phishing and social engineering are still very active threats for our business and K-12 clients. While there are technology products and services that allow us to limit the amount of threats you see or receive, training your staff still provides the biggest impact when it comes to cyber security.
You can choose to target all of the email users on your domain for the phishing assessment, specific departments, or specific users. The costs for the assessment are based on the number of recipients selected for your target group.
We have stock email campaigns and landing pages developed, but can also develop custom content to mimic specific threats your users have experienced or specific types of emails they may receive from vendors, services or clients (DropBox, Office 365, etc.) ITS works together with members on your team to create and approve the phishing assessment campaign. We want the campaign to look realistic, but not be stressful for users.
The emails generally run for two weeks, and are sent during normal office hours.
Our assessment data tracks users that clicked links in the phishing email, interacted with a landing page, and/or submitted information via the landing page or responded to the email. We are also able to show your admin team and users which components of the email were the “gotchas” and should have indicated the emails were spam. From here, we can work with your team to develop specific training materials and opportunities for staff.
Contact ITS for more information on our Phishing and Social Engineering Assessments.
To learn more about social engineering and how hazardous it can be for businesses, read our article about social engineering.