When it comes to security at work (and at home), your employees can be your best asset or worst enemy. They are the first to call you when they are unable to access the internet, receive or send an email or access files in a shared directory. Of course they are also the ones that open up emails from friends that have jokes, friend requests or emails that have PO’s attached, quote attached. Any one of these actions could potentially be a phishing attach – with malware/ransomware payloads, to harvest credentials or to park and wait until it is activated.
Originally spam or phishing attempts were easy to spot with emails full of typos, and poor grammar, now unfortunately they are much more stealthy and sophisticated making it very difficult to identify them.
Some form of security awareness or end user education is vital to ensuring that your organizations first line of defense in security can properly identify an email that may be a phishing/whaling attempt.
Testing will provide the baseline, and then supplement with proven security awareness education – what to look for, where to look for signs, to downloading the attachment or click the link, and then test again.
Depending on your requirements, organizations can choose the level of education and training – from simple phishing, through to vishing ( voicemail from reputable companies ), USB and texting.
Through our partnerships with Sophos and KnowBe4, choose the level that best suits your organization.
If you have any questions, want to see a demonstration or to request an evaluation, please contact us.