Phishing Testing is an excellent way to train your employees on the latest cyber threats, and keep them from clicking on real phishing emails. Here's how to phish your employees:
Send Phishing Tests to Employees
Send simulated phishing test emails to your employees. These can range from internal emails like IT or HR, Brand Knockoffs like Amazon for Apple, or high urgency phishing emails that ask the employee to click a link or enter information.
Provide Phishing Awareness Training
When employees click on phishing tests or enter/divulge sensitive information, provide an instant training moment that points out what they missed, why it worked, and what they can do to prevent clicking on phishing tests and real phishing emails in the future.
Report on the Phishing Test
One your employee phishing test is complete, generate a report that shows you who opened, clicked, and received training. Cheer on the employees who passed the phishing test, and encourage those who failed.
Allow Employees to Report Phishing Emails
Deploy a Office365, Outlook, or G Suite Plugin that allows employees to report suspected phishing emails to your IT Team. With this tool employees can also scan emails to get instant feedback on whether the email may be phishing or not.
Launch a Free Phishing Test to Your Employees
Assess your company's risk of a phishing attack in minutes. Send a free phishing simulation and preview our security awareness training
Think you can spot a phishing email from a real email? Let's put it to the test!
Would you know if you received a phishing email?
We receive and hundreds of email every day. And while there are many security tools that block most spam and phishing emails, ultimately, some make it through.
There are a few consistent patterns in phishing emails, and if you can learn to identify them, you are much less at risk of clicking on one.
Our free phishing test for employees consists of 10 emails. You'll be presented with an email, and its your job to determine whether it's real or phishing.
Give it a shot!
What is Phishing?
Phishing is a kind of cyber attack in which an attacker tries to get sensitive information from you by disguising as someone else. A phishing attack can be carried out via email, through a text message, or via phone. The attacker can pretend to be your bank or a company you are familiar with, such as Google or Microsoft. By pretending to be a legitimate person or entity, the attacker tries to lure you into revealing sensitive data such as usernames, passwords, and credit card info.
How to spot and avoid phishing emails:
Inspect the email sender address
Scammers will pretend to be a company you may know. However, the sender address will be different. For example, instead of dropbox.com they could be using dr0pbox.com or dropbox.offers4me.com
Hover over the link
If the email seems to be coming from a trusted source, hover over the link and verify that the domain matches who it should be. If it's an email regarding an account you have, you can simply go to that website in your browser. If the alert was real, it'll be there too when you login.
When in doubt, close it out
If you're not sure what to do with a suspicious email, the best thing is to just delete it. Consult with your manager or IT staff to inquire about its validity.
What is a Phishing Test?
While our phishing quiz is an excellent to test your abilities, how will you react in the real world when a phishing email hits your own inbox?
To reduce risk over time, we recommend conduct phishing testing for employees every month. This type of phishing testing contains three elements:
Phishing Simulations
A real-life custom simulated phishing attack built to test and sharpen your employees’ awareness of phishing and social engineering threats.
Security Awareness Training
If employees click on the simulated phishing email, they are redirected to a landing page with a short, funny, but educational video along with tips on how to spot and avoid phishing emails in the future.
Actionable Reporting
After the testing, We send out behavioral data reports, and continually provide valuable feedback and support to broaden cybersecurity awareness.
What does it look like to get a phishing test?
We're glad you asked! Check out this video of our very own John Doe receving a phishing test and security awareness training.
Can I share this phishing quiz with employees?
Absolutely! You can copy the link of this webpage, or use the social sharing buttons at the end of the phishing test.
Phish Your Employees Today
Use Hook Security's PsySec Training to reduce the risk of phishing attacks and create a security-aware culture in your company