Phishing your own It takes ONE to catch ONE

1. Phishing your own: It takes ONE to catch ONE Intruders looking for access to a company’s sensitive information are willing to try and entice or dupe an internal employee into holding open a locked door. This is precisely the purpose for which phishing and spear phishing scams are ‘designed’. Information security experts often consider employees as the frailest link in enterprise security. Cyber crime and cyber espionage are coming up with ways to make the most of negligent user behaviour. Attackers seem to have got it right that panic and excitement, when used right, can trigger impulsive action. More often than not, these social engineering attacks have succeeded in entrapping even the not-so-gullible. So how do companies stay secure while having entrusted enterprise security and sensitive information with their employees? How should enterprises protect themselves from data leakages when all it takes is one wrong click to let in destructive malware and spyware? Your best defence against phishing is in understanding how attacks can masquerade as seemingly harmless emails and how your users would react to them.

2. The solution – Safe and contained phishing tests for user behaviour profiling • Aleph Tav Technologies performs harnessed, imitative phishing tests for employee groups – aimed at training them to spot phishing scams. • Testing user awareness can give corporate networks much needed clarity on the volume and severity of damage that a phishing attack can do. By helping understand ways in which general email behaviour can be taken advantage of, a simulated phishing attack test can give insights for security policy re-evaluation and employee sensitization. • What does the test do? • With a multi-stage phishing awareness test, we seek to evaluate user awareness on different degrees. • Components of the controlled testing module include the distribution of mimicked, cloned email alerts that trick employees into disclosing credentials and personal information. Other attacks can mimic employee benefit email messages to test the level of gullibility where the element of excitement comes into play. • A user who falls for the test email and discloses sensitive information is considered to have failed the test.

3. In an effort to drive in the message, Aleph Tav Technologies uses a conclusive testing phase incorporating an educative campaign aimed at sensitizing users and teams on the vitality of the role they play in protecting enterprise assets and personal information. The potential risks involved in email behaviour are also emphasized. • Benefits for your enterprise • What can the test reveal? • An accurate account of the percentage of employees who are phishing-prone. • Assessment of the consequences of a real time social engineering attack. • A clear picture of the ‘ripple-effect’ of a potential phishing attack that attempts to gain access into the internal systems network. • We help you identify test modules that best suit your needs and employee profiles. We are poised to enable cost benefits with plans costing you as little as a cup of coffee per user. • Article Resource: http://blogs.alephtavtech.com/network/phishing-your-own-it-takes-one-to-catch-one/