Phishing is one of the easiest ways for an attacker to gain a foothold in an organization’s network. According to our 2016 Attack Vectors Report, 36% of SecureState’s successful external network penetrations resulted from phishing, by far the largest attack vector. Recognizing the risk posed by phishing, a large manufacturing organization with a global reach contacted SecureState to test its employees’ security awareness. This organization’s challenge was unique in that it required the phishing emails to be sent in English, Mandarin Chinese, German, and Dutch.
After receiving a list of users to target, SecureState conducted open source intelligence gathering on the organization to determine the best phishing pretext. Intelligence included public information from company websites, networking site profiles, open source information gathering tools, and internet searches.
Phishing Self Service:
Security Awareness Training can only take you so far. Conducting phishing attacks against your organization brings to light how effective your training is. King Phisher allows you to collect metrics and track trends in user awareness. The more you test, the easier it is for your users to identify a real attack and report it according your policies. Let the power of King Phisher work for your Awareness Program.