Educate Your Users Not To Take The Bait: Introduction To Phishing As A Service
Download as PPTX, PDF0 likes1,065 views
This document discusses phishing as a service to educate users about phishing threats. Phishing involves fraudulent emails attempting to steal personal information. Phishing costs billions annually and attacks are increasingly personalized, delivered through multiple channels, and exploit trusted brands. People are the weakest link in security, as users not technology create most breaches. Phishing as a service launches simulated phishing attacks to identify vulnerabilities and educate users, reducing the risk of future attacks. Detailed reports provide visibility to target additional training where needed. The benefits are hardening businesses against phishing through practical demonstrations proven to impact user behavior.
Ad
More Related Content
What's hot (20)
Viewers also liked (20)
Ad
Similar to Educate Your Users Not To Take The Bait: Introduction To Phishing As A Service (20)
Ad
More from SecureData Europe (8)
Recently uploaded (20)
Educate Your Users Not To Take The Bait: Introduction To Phishing As A Service
- 1. EDUCATE YOUR USERS NOT TO TAKE THE BAIT: INTRODUCTION TO PHISHING AS A SERVICE 1 www.secdata.com
- 2. 2 WHAT IS PHISHING? Phishing (noun) The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers, online.
- 3. 3 WE’RE ALL ON THE HOOK Phishing costs the UK £278 million annually Only 1 in 5 emails are genuine 450,000 phishing attacks in 2013 worldwide; 31% targeted the UK Today, phishing attacks are more frequent, more damaging… 720 brands known to be targeted by phishing in 2013 $5.9 billion – the global cost of phishing last year
- 4. 4 WE’RE ALL ON THE HOOK MORE TARGETED: Social media has handed personalised information to scammers “Spear-phishing” with personalised attacks is simple to do based on friends, known purchases etc etc MORE VECTORS: Attacks can come from anywhere. Phishing attacks have been delivered through instant messaging, mobile apps, social networks, online marketplaces and even SMS text messaging MORE TRUST: Users increasingly rely on online brands. Cyber criminals exploit trusted brands by creating fake emails that are very difficult to distinguish from the genuine article. …and more sophisticated:
- 5. 5 TARGETING THE WEAKEST LINK People are the weakest link in the security chain. Phishing is so successful precisely because it targets your users, not your technology. Users, not technology, create 80% of all IT security breaches 58% of untrained employees will click on phishing emails 91% of targeted attacks now involve spear-phishing emails You are only as secure as your least security conscious employee
- 6. EDUCATION IS THE BEST DEFENCE 6 Many technologies can counter phishing attacks, but none are 100% effective. The best protection is to educate your users on the dangers so they can play an active role in your defence. Only by understanding how susceptible your users are to phishing can your organisation take action to reduce risk.
- 7. 7 PHISHING AS A SERVICE Phishing as a Service • Simulate an attack to realistically assess your risk • Identify specific vulnerabilities within your user organisation • Detailed reports provide a clear view of your organisation's vulnerabilities and how to address them ASSESS RISK REDUCE VULNERABILITY • Track users over time to identify who requires further training • Educate your users on the dangers so they can play an active role in your defence • Teach users about security best practices • Show users on how to protect themselves in specific situations or on certain devices Launch and monitor simulated phishing attacks on your users
- 8. HOW THE SERVICE WORKS 8 Simulated attacks on the users you select at frequent, but unpredictable intervals Emails accurately simulate attacks. E.g. They redirect users to custom-built fake login screens Victims are taken to pages that explain their mistake and how to better protect themselves Detailed reporting: how many users clicked on phishing emails, opened links or submitted information Visibility into where to apply additional training is the bedrock of making your organisation more resistant to phishing
- 9. FEATURES AND BENEFITS 9 • Easy to deploy service - no hardware or software needed • Total control over the length, duration and targets of the simulated phishing campaign • Victims of the simulated attack receive notification pages educating them on security best practice • Detailed reports on business impact • Easily monitor your organisation’s risk over time FEATURES • Harden your business against Phishing and reduce risk • Maximise security spend on educating user security defences • Identify where to invest in further security training or new security solutions • Protect yourself quickly through a rapidly deployed service • Practical demonstrations of phishing are proven to impact behaviour over training and policy information BENEFITS
- 10. 10 IN SUMMARY – IT WORKS of users are less likely to fall victim to a future attack after training80% Employees that click on phishing emails can be reduced to just 2%
- 11. Questions? 11 Etienne Greeff CEO [email protected] +44 1622 723400 www.secdata.com