Máte otázky? Zavolajte nám

Phishing attack simulation

Project Information

Client
Company in the Czech Republic
Number of employees
1200
Project length
5 weeks
Services
IT & Cyber security services

How 52% of users voluntarily provided us their passwords

1/3 of cyber attacks (€1.1bn) are carried out via phising
• Phising attacks grew by 600% after February 2020
• Increased risk associated with working from home and multiplatform IT environment (PC / mobile / cloud)

Project Description

• Simulation of phishing attack by email

• Email with a link to the web form for “password level evaluation”

 

What is phising?

Phishing is (mostly) email communication sent by attackers – hackers in order to obtain personal data such as login names and passwords to systems (eg internet banking) and the like. The information thus obtained is then used for further intrusion into systems, extortion, identity theft or finance. Phishing emails often contain malicious code (malware), which is initialized by opening or an action in the email.

WHEN and WHERE to implement a phishing simulation

  • When a company wants to protect its and its customers’ data
  • In all companies that use services such as email, online client databases, e-shops, ERP / CRM, etc
  • As a regular annual activity along with IT security training for IT users
  • Recommended minimum number of IT users is 30+

HOW the phishing attack is simulated

1. The client approves the scope, content and form of emails, and schedule
2. Preparation of communication environment, domains and addresses, testing, whitelisting of domains
3. We simulate a phishing attack, in waves
4. Final report including recommendations for addressing risks

BENEFITS for the organisation

• Identify the state of user security awareness
• The weakest link in IT security is the user - by addressing the identified risks, you will strengthen the security of the IT organisation
• "Quick wins" for setting up email servers

Results

Corrective activities

140 sent emails
61% of users opened a report
56% of users cllicked on hypertext link
52% of users entered their passwords (92% of clicks)