Reduce the Risk of a Damaging Social Engineering Attack against your Employees with Barracuda PhishLine
It’s Boom Time for Cyber Criminals
The Coronacrisis has provided a once-in-a-lifetime (we hope) opportunity to cyber criminals the world over. In response, they have collectively ramped-up their efforts to capitalise on the confusion and remote working arrangements forced on us by the virus.
Email security company Barracuda last week published a study of more than 1,000 IT decision-makers in four countries. 51% of respondents said that since moving to a remote working model their organisations had seen a rise in email phishing attacks and 46% had experienced at least one security scare.
And a study of 1.4 billion emails published in April by security company GreatHorn showed around 2.4% of them contained COVID-19 references, and a whopping 36.6% (12.2 million) of those emails were malicious in nature.
Considering around 306 billion emails are sent each day in 2020, the maths suggest around 2.6 billion scam emails related to Coronavirus are being sent daily.
Why is it such a Good Time to be a Bad Actor?
For many companies, the rapid shift to working from home has come at the cost of typical governance and security activities.
That same Barracuda study showed that 46% of decision-makers are not confident that their web applications are completely secure, and 50% have allowed employees to use personal email addresses and personal devices to conduct company work – usually something they would never do.
- 55% say they would not have implemented remote working within the next 5 years, had it not been for the COVID-19 crisis, and
- 56% plan to continue widespread remote working even after the crisis is over
Companies have been forced to make IT decisions in advance of being prepared for the risks and even after a sense of normalcy returns, the new normal will probably include more remote working arrangements where the regular checks and balances of office life don’t apply. That’s why it’s Christmas time for criminals.
And that means more opportunity for compromise.
How can you fight back?
You can wrap your staff in layer upon layer of automated security, but a skilled attacker can still occasionally bypass them to strike at your team.
That’s when they have to be ready.
Crafted from more than a decade of frontline research into malicious email activity, PhishLine is a tool that actively shapes your employees’ responses to social engineering and turns them from an attack surface into a layer of defence.
- Simulate real-world phishing attacks customised to your business while you or your IT provider manage the campaign from a centralised administration hub
- Establish a benchmark for your team’s potential for compromise.
- Deliver training to your most at-risk employees based on a combination of their job responsibilities and past actions. An inbuilt workflow engine can deliver training to users that perform an unsafe action as part of a phishing campaign then test to ensure the training has stuck.
- Survey your team to establish their underlying attitudes towards information security and evaluate the effectiveness of your security awareness training from their perspective.
- Integrate with your HR workflows. Training can be packaged into your new starter programme, making security a part of life for new employees right from their first week on the job.
- Allow administrators to build customized campaigns relevant to the Australian context based on current real-world events
And it does all that across phishing emails, smishing (SMS messaging that encourages unsafe real world actions), vishing (voicemail messages that also result in compromised behaviour) and found physical media (flash storage that users come across and sometimes load into their devices).
It’s the only tool we know of that can train your team across all those attack vectors.
New simulation and training content is added daily, to reflect the most recent threats.
Every Company has a Requirement for PhishLine
Your staff’s global risk profile is changing constantly as new employees join, and social engineers evolve their attack methods. Continual exposure to the latest training offered through PhishLine is the only way to elevate your team’s preparedness to resist attack and keep it high.
There’s not a single company that isn’t at risk of data loss, financial fraud, or embarrassing exposure as a result of social engineering.
PhishLine is the leading profiling and training tool to counter that risk.
During May and June 2020, you can start a month-long, full functionality trial of PhishLine for just $899 plus gst. That’s a $700 saving on the usual set-up cost with no licensing cost and no obligation whatsoever past your trial.
To take advantage of our offer, call our sales team on 1300 667 871 or head to the Contact Us page.