DATA DOCTORS

How can I give my employees a fake phishing scam?

May 4, 2019, 5:00 AM
(Pexels photo)...
(Pexels photo)
(Pexels photo)

Q: What can I do to test my employees to see how likely they are to fall for a phishing scam?

A: More than ever, businesses are a primary target of cyber criminals because they know that a business is more likely to pay more in a ransomware scam or wire fraud scam.

Not only is there more money to be made, they have a larger number of targets they can pursue to achieve their goals.  All it takes is one user in the company to fall for a cleverly crafted email for the infiltration to begin.

The weakest security link

No matter how sophisticated your cyber-security technology has been setup to prevent unauthorized access to your network, your employees are your last line of defense.

Your users are also the easiest way to gain access, so rather than trying to penetrate your technology fortress head on, thieves will simply use clever tricks on humans to bypass your security systems.

The methods used by cyber thieves continue to evolve, so continuous education and awareness of the threat is the only way to harden your employees.

Cyber security is never going to be a ‘fire and forget’ process, so building a strategic plan for ongoing education is highly recommended.

It should be considered a compliance issue much like you approach accounting and HR issues and regulations.

Free test tools

Lots of companies have created tools and resources that will both test and educate your employees.

One of my long-time favorites is a company called KnowBe4, which offers over a dozen free tools that any business can use to test their employees or check for breach exposures.

Another reason I like this company is because their ‘Chief Hacking Officer’ is Kevin Mitnick, once known as the ‘World’s Most Wanted Hacker’ in the mid 90’s and author of “The Art of Deception: Controlling the Human Element of Security”.

He’s since turned his talents from crime to consulting and helps companies understand how hackers think and act.

Phishing reply test

Of the 14 free tools offered by KnowBe4, one of the most helpful is the Phishing Reply Test because it shows you who opened the suspicious message but more importantly, who fell for the trick and replied to the message.

You can choose from 3 different scenarios to send to your employees and spoof the sender’s name by using someone they would likely trust – just like real phishing scams often do – then compile the results for you within 24 hours.

CEO fraud attack

Testing to see if your employees will fall for a spoofed internal email is always a good check, as a fake message from an important person in your organization is a common attack technique.

The Domain Spoof Test will require that the person in charge of your email platform and security be involved, because it’s a little more involved than some of the other tests.

Each of their free test tools can be requested by filling out the form associated with each tool, so it won’t take long for you to start assessing your employees so you’ll know what you need to teach them.

Data Doctors

(Pexels Photo)...
Ken Colburn, Data Doctors

What to know about the Marco Polo video chat app

The Marco Polo app is a video chat program that’s like a walkie-talkie conversation instead of a live session.
6 days ago
...
Ken Colburn, Data Doctors

Here are some tips on how to speed up slow starting computers

Here are some ways you can identify and solve potential issues that may be causing your computer to start up slower than normal.
13 days ago
(AP Photo/Jenny Kane, File)...
Data Doctors

An explanation of how new credit cards have information stolen

If you've ever wondered how people can crack a new credit card, here's a rundown and a brief explanation on what thieves could be doing.
20 days ago
(Pexels Photo)...
Ken Colburn, Data Doctors

Here are the differences between Google Chrome and Microsoft Edge

Half of the United States uses Google Chrome as a default browser, but here are the key differences between Chrome and Microsoft Edge.
27 days ago
(Pexels Photo)...
Data Doctors

Tips on how and when to use the iPhone screen recording feature

Here are some tips on when and how to use the the screen recording feature located on the dropdown bar on your iPhone.
1 month ago
In this photo illustration a spam 'Phishing' email is displayed on a laptop screen on March 21,2022...
Data Doctors

Tips and tools to detect and avoid computer phishing scams

Far and away, the method of choice for compromising users is through sophisticated phishing messages in email, via text messaging and through social media accounts.
1 month ago

Sponsored Articles

...
Quantum Fiber

How high-speed fiber internet edges out cable for everyday use

In a world where technology drives so much of our daily lives, a lack of high-speed internet can be a major issue.
...
Quantum Fiber

Stream 4K and more with powerful, high-speed fiber internet

Picking which streaming services to subscribe to are difficult choices, and there is no room for internet that cannot handle increased demands.
...
Quantum Fiber

How high-speed fiber internet can improve everyday life

Quantum Fiber supplies unlimited data with speeds up to 940 mbps, enough to share 4K videos with coworkers 20 times faster than a cable.
How can I give my employees a fake phishing scam?