Phishing

Topsec PhishingAwareness Training-as-a-Service

Phishing, Spear-Phishing, Whaling, CEO fraud and Social Engineering Attacks are on the rise and they all target your employees to open the doors on your organisation. They come in various formats from email scams to fraudulent websites, however they all have the same aim, to steal your company’s data and resources such as usernames, passwords, bank account details and other sensitive information which may result in lost revenue, legal action, unwanted PR and increased costs.

Employees are an organisation’s biggest asset, however from an IT Security perspective, they can be your biggest weakness. Over ninety percent of malware requires human interaction, so why not educate your employees to identify malicious phishing emails. Topsec Phishing Awareness Training allows you to deliver customised simulated phishing emails to employees over a pre-defined period which display “Teachable Moments” messages to individuals who fall for the mock phishing attack.

In conjunction with you, we develop and administer preconfigured or customised phishing attacks at random intervals from our established content library, providing you with a report on the results of each campaign so you can better understand your organisation’s risk and respond accordingly.

How It Works

  • 1. You provide us with a list of email address. We set up and manage the mock attacks.
  • 2. We send employees a (safe) phishing email.
  • 3. Employees who click the phishing link, get taken to a phishing awareness training page and must complete online training on how to spot a phishing attack.
  • 4. We send you reports on the mock phishing campaigns and the online training which was undertaken.
  • 5. We then repeat the process at random intervals with varied emails and diffi culty levels so you can keep employees educated and alert with current phishing threats.

Benefits

  • Variety of customisable email templates and landing pages which address various testing factors such as requests for personal data and attachment downloads.
  • Creates “Teachable Moments” for employees who fail a mock attack, providing them with practical information on the situation, educating them on what to look out for in the future and testing them on what they have learnt.
  • Reports on each mock attack and the overall phishing campaigns, providing valuable insights into how your employees responded to various attack scenarios and your organisations vulnerability to phishing attacks so you can act accordingly.
  • Random scheduling to spread out the distribution of emails over a period of time to reduce the chance that employees will be aware a mock attack is taking place which preserves the integrity of each assessment.
  • Educate your employees and get them thinking about best practice and how they should respond to threats, signifi cantly reducing your IT Security risk.