What is meant by ethical phishing?
You may remember the emails from a few years ago. Messages from your 'bank' which contained a link with which you can directly transfer € 1000 to your account credited. Or messages from the 'government' with a payment link that would be in a huge hurry. These emails were full with spelling mistakes, often had a particularly curved layout or came from an email address with at least 100 characters, eliminating the rogue background of the mail soon became clear. At one point it was even nice to receive the mails, to see what the cyber criminals are doing now had thought again.
Unfortunately, criminals are a lot smarter these days. The texts do not contain more errors than the emails from your bank itself. The format of the mails are a lot better and it is more difficult to reach the e-mail address see that it is nonsense. Don't forget that there are huge amounts of money going around in this Branche; every person who falls for phishing contributes to the capital of the criminals, who use this money for others to scam people.
So it is not surprising that your employees still fall for it phishing. Even when you repeatedly warn them. It happens at all the people; cyber criminals know exactly what they are doing and how they can persuade people to click on links, attachments too download or even have payments made immediately.
When we ethically use phishing, we do so with a clear target. We want to show your employees how easy it is to be a criminal can get certain data. Only people who are aware of online security, are the people who are assets within your company. Other employees are risk factors. What happens when one of the employees at the business e-mail address fall for phishing, or even opens an email with an attachment that a hacker has direct access to to the corporate network?
In addition, are the data of your employee the same for the personal account as the company account (often the same password), then this is totally a security hole where you cannot needs.
What do we do with ethical phishing?
With ethical phishing, the exact same thing happens as when a criminal gets started with phishing, but we do not use the data your employee provides us after opening our mail. We can go on this way to identify which employees are in the phishing mail steps and to what extent they are willing to provide information.
That way you know better which employees are well aware of safety risks, which employees these are not and to what extent your company runs risks thanks to employees who have too little knowledge of online security.
If desired (or necessary) we can ethically post your employees phishing also includes a course, where the results of our show phishing and show your employees how they can do better to secure. A number of tips that you can use now;
Always check the sender
Check the URL of the link in the mail
Never enter data requested by e-mail by the bank or government; they do not ask you for your personal information by email
Invoice or attachment from a partner, but you don't expect anything? Then take Contact your partner personally first when you find the situation does not trust
Is ethical phishing necessary within your company?
Many companies are currently working hard on online security and the information security in general. There are several reasons in front of. Many companies can intrude into the sensitive or personal data simply cannot afford, as this is a trust issue and damages image. Other companies are forced to get the highest level of online security, because it is important that the financcompany or customers can be protected.
The security of your corporate network and data is not in here the complete picture. Your employees are also a risk factor. If they allow themselves to be hacked or trapped in a phishing email, then they cause a leak in your security. Even when the protection of your network is perfectly in order, your employees put it on this way wide open the door to criminals. Therefore creating (or raising awareness of digital security is of great importance when the security of your company is high on the agenda.
Do you want to use ethical phishing or do you have any questions?
The use of ethical phishing has been one time and again in the past eye opener. People are more likely to fall for well-designed pitfalls than you may think. Do you want to know how your employees score, please contact us about ethical phishing. We go then look together with you at the possibilities and the costs of ethics are phishing, so we can always tailor a plan for your company.
Would you like to know more about the possibilities or do you have questions about the prices or the method we use in ethical phishing? Then take feel free to contact us so that we can proceed personally help with answers and tailor-made advice.