E-mail phishing test
Fraud Detector’s email phishing test allows you to easily test how a group of email users from your company responds to phishing emails without the need of installing additional software.
What is phishing?
Phishing is a form of Internet fraud. It consists of scamming people by luring them to a fake website that looks like a real website. Here they are asked to enter data such as their login name and password. With this data, malicious persons can then cause a lot of damage. This includes the appropriation of sensitive (business) data. This can then cause a lot of damage and/or cost money.
How does the phishing simulation work?
We prepare a simple test scenario in consultation with the company. This is often done with the email administrator. A checklist with about 30 points is run through, and agreements are made about the scenario and the planning. We draft an email that connects to the agreed scenario. This can also be several emails that match the department it is sent to. We then forward the test email to all employees who have been specified.
What do we test?
First, the system security is tested. Because the email is spoofed it should not arrive. If it does arrive, then the system administrator knows that something needs to be done about the security of the system.
Second, we test the employees themselves. We look at who opens the email, who clicks the link in the email, who enters data and who responds to the email. Our servers immediately make obtained passwords invisible to us so we do not see them, nor can we find them out. However, malicious persons would of course be able to see the passwords and access your files.
The outcome of the email phishing test
After the test we make an overview of the actions of the employees. You will receive the name of these persons in return so that you can give these employees a learning opportunity. If necessary, we can set up online learning software to train employees further.
In case nobody responded to the test email, nobody clicked the links, and nobody gave the password, you can conclude that your employees have been trained well. You can then demonstrate this on the basis of the report. In reality, it appears that this does not happen very often. Upon request we have a number of references available that show you that large numbers of employees responded to the phishing mails and many (sometimes up to 50%) gave the password to us. The phishing test is an indispensable tool for training employees.
You do not need any technical knowledge and can use this phishing test to test how well your company is prepared for phishing attacks. Most companies choose a phishing and spoofing test, but we also have other scenarios available such as a macro virus test or an integrity test. If you have any questions, you can always contact us by email.