Phishing your own: It takes ONE to catch ONE (1)

About This Presentation

Title:

Description:

Number of Views:4

Slides: 4

Provided by: alephtavtech

Category: Medicine, Science & Technology

Tags: iot | penetration_testing | pt | security_testing | va

Transcript and Presenter's Notes

Title: Phishing your own: It takes ONE to catch ONE (1)

1
Phishing your own It takes ONE to catch ONE

Intruders looking for access to a companys
sensitive information are willing to try and
entice or dupe an internal employee into holding
open a locked door. This is precisely the purpose
for which phishing and spear phishing scams are
designed. Information security experts often
consider employees as the frailest link in
enterprise security. Cyber crime and cyber
espionage are coming up with ways to make the
most of negligent user behaviour.
Attackers seem to have got it right that panic
and excitement, when used right, can trigger
impulsive action. More often than not, these
social engineering attacks have succeeded in
entrapping even the not-so-gullible.
So how do companies stay secure while having
entrusted enterprise security and sensitive
information with their employees? How should
enterprises protect themselves from data leakages
when all it takes is one wrong click to let in
destructive malware and spyware? Your best
defence against phishing is in understanding how
attacks can masquerade as seemingly harmless
emails and how your users would react to them.

The solution Safe and contained phishing tests
for user behaviour profiling
Aleph Tav Technologies performs harnessed,
imitative phishing tests for employee groups
aimed at training them to spot phishing scams.
Testing user awareness can give corporate
networks much needed clarity on the volume and
severity of damage that a phishing attack can do.
By helping understand ways in which general email
behaviour can be taken advantage of, a simulated
phishing attack test can give insights for
security policy re-evaluation and employee
sensitization.
What does the test do?
With a multi-stage phishing awareness test, we
seek to evaluate user awareness on different
degrees.
Components of the controlled testing module
include the distribution of mimicked, cloned
email alerts that trick employees into disclosing
credentials and personal information. Other
attacks can mimic employee benefit email messages
to test the level of gullibility where the
element of excitement comes into play.
A user who falls for the test email and discloses
sensitive information is considered to have
failed the test.

In an effort to drive in the message, Aleph Tav
Technologies uses a conclusive testing phase
incorporating an educative campaign aimed at
sensitizing users and teams on the vitality of
the role they play in protecting enterprise
assets and personal information. The potential
risks involved in email behaviour are also
emphasized.
Benefits for your enterprise
What can the test reveal?
An accurate account of the percentage of
employees who are phishing-prone.
Assessment of the consequences of a real time
social engineering attack.
A clear picture of the ripple-effect of a
potential phishing attack that attempts to gain
access into the internal systems network.
We help you identify test modules that best suit
your needs and employee profiles. We are poised
to enable cost benefits with plans costing you as
little as a cup of coffee per user.
Article Resource http//blogs.alephtavtech.com/ne
twork/phishing-your-own-it-takes-one-to-catch-one/