Phishing is more prevalent than ever and becoming increasingly more sophisticated. We can help you minimise cyber attacks and identify cyber weaknesses in your organisation through the education and safe testing of your employees through our ethical phishing solutions.
Why use our ethical phishing services?
What is phishing?
Phishing is basically ‘fishing’ for sensitive information. This could be anything from usernames, passwords, bank details, and other personal details. Cyber criminals use ‘bait’, such as a spoof email that looks official, to catch their victims.
Our Ethical Phishing services thoroughly assess the ability of your organisation’s personnel to identify and appropriately act to targeted email phishing attacks. By utilising the tactics, techniques and procedures used by genuine attackers, our range of phishing services can be run as stand-alone exercises, or in conjunction with each other over a period of time, as part of a tailored campaign.
We can even bring your cybersecurity awareness training for employees to life by conducting the ethical phishing service and using the results to tailor your staff’s training programme. This way, their training is conducted with real-world examples that involve them, making the lesson much more memorable.
Did you know that an email that seems trustworthy could be a phishing attempt designed to steal information? We can help you identify them.
Ethical phishing services we offer
Every phishing campaign that we conduct for you concludes with a detailed report of your employee’s susceptibility to certain attacks, complete with actionable recommendations to further improve their abilities and knowledge.
Credential harvesting and pharming
We will coax your organisation’s employees into disclosing their credentials. This service is ideal for assessing your employee’s awareness of phishing email attacks. Furthermore, all credentials obtained can then be reviewed to ensure they adhere to an adequate password policy
Whaling
Akin to Spear Phishing, the target(s) will be at the senior executive level within your organisation. Again, the aim of this test is to gauge the susceptibility of the target(s) to reveal confidential information.
Spear phishing
This uses phishing scenarios previously mentioned but the attack is directed at a specific target group of individuals (e.g. your finance department) using information specific to the target(s). This test allows you to gauge the likelihood of the targets revealing confidential information.