Phishing Security Testing from Corsaire
Phishing attacks originate in many forms; from a simple email celebrating your lottery win, to a sophisticated targeted campaign designed to compromise your corporate network in order to facilitate data theft and financial gain.
What is a phishing attack?
Phishing attacks are emails that claim to be from a legitimate sender in order to obtain sensitive information such as usernames and passwords, credit cards and other personal information. Phishing emails can also contain malicious attachments designed to infect computers and mobile devices.
Why do I need phishing security testing and training?
Unlike other forms of data theft that can be protected by your corporate security policies, anti-virus, and firewall; phishing attacks target unsuspecting users, who are your last line of defence when emails pass your mail filter.
Our tailored phishing assessments are conducted through a realistic but controlled environment, and enable your business to evaluate, risk assess and protect your employees and your businesses sensitive information.
What does the phishing assessment cover?
We follow a detailed testing methodology which is tailored to suit your business requirements and designed to evaluate your employees responses to different types of phishing attacks. This consists of:
Generic Phishing Attack Assessment
- Genuine (in-the-wild) phishing emails
- Blatant phishing emails from popular social media or internet baking sites asking users to provide sensitive information or open an attached document.
Targeted Spear Phishing Assessment
- Email designed to impersonate your corporation or trusted third party, enticing end-users to participate and disclose sensitive information.
- Registering similar domain names (e.g h.sbc.co.uk or goooogle.com) for sensitive data capture via spoofed login forms and surveys.
A comprehensive report including assessment metrics and employee responses.
- The assessment metrics provided in the report can be used to highlight and potential weaknesses in your corporate email policies to help facilitate end-user training, including re-running the assessment at a later date to assess the effectiveness of your training program.
Corsaire's flagship training courses
We provide a range of training courses including employee awareness training of phishing attacks. Take a look at our Training and Workshops.
If you would like more information on phishing assessments, a free no-obligation discussion with one of our team, get in touch.