Overview

Product

PHISHING SIMULATION

Are you interested in the click behavior of your employees and looking for a concrete method to arm them against the threats of phishing? Please continue reading!

The Awareways Approach

Awareways methods go beyond click behavior. We excel in behavioral change. That moment where you decide to click or not to click is just where our jobs begin. We use our own phishing simulation software to continuously and proactively train employees.

Prevent oversaturation (‘Another instructional email? Please tell IT to stop’) and find out what we can do for you. We offer one-off phishing events with guaranteed impact or long term flexible training programs that respond to the campaign results and yield concrete outcomes to work with.

Research: the influence of authority and time pressure on click behavior

Those who receive a phishing email are more likely to click on a dangerous link if authority is one of the variables on which the email is designed. This is what our research shows, which has produced an insightful whitepaper titled ‘Effect on click behavior’.

We are happy to share our results with you.

Autonomously start your training today by reading our 5 practical tips. Prefer to work with experts? Get in touch!

Contact us

1. Take precautionary measures

Fortunately, a lot of spam is automatically intercepted to prevent you from being inundated with false emails on a daily basis. It’s not easy to stop phishing altogether, but you can certainly take a few steps to protect yourself.

Start by properly setting up your spam folder so that the lion’s share of phishing emails don’t even reach your inbox. And a good virus scanner is also a must. But above all, make sure you don’t just leave your email address everywhere. The more often you enter your details on random websites, the greater the chance that they will come fishing in your inbox. So create a free account, for example in Gmail, especially for all those websites where you don’t want to leave your ‘normal’ email address.

2. Do not share personal or financial information

A bank, insurance company or subscription service will never ask for your social security number or your PIN, bank account or credit card number via e-mail (or by phone). They will also never send you through a hyperlink to a website where you are asked for security codes, certainly not through an SMS or social media.

Therefore, never share these details if you are asked for them in an e-mail. When in doubt, always contact the party concerned before responding to anything substantive, as chances are the message did not come from them.

smishing

3. Stay alert – outside of your inbox too

Phishing is hardly limited to email traffic, so always be on the looking during your various¬†other online habits as well. Malicious URLs and links that want to fool you can be found just as easily on websites (“You are our 1,000,000th visitor, click & win!”) and are also increasingly being distributed via social media.

Fraudsters are usually even more effective on Facebook and certainly via SMS/WhatsApp, because internet users are more likely to follow a link there than in a dubious email from an unknown sender. Especially when that message seems to come from someone they know. So don’t just click on any links elsewhere on the Internet!

4. Doubts? They are often justified!

You know the drill: it all seems right, yet something feels slighly off. The message is not quite relevant, the person or agency in question would never formulate it in such a way, the tone is not right – et cetera. If an email doesn’t feel quite right, then something is probably off. In short: if you have doubts, they are often justified.

Check for so-called ‘red flags’ that help you to recognize a phishing e-mail: a strange e-mail address of the sender, an overly excited (positive) message, a form of pressure or threat, many language errors or strange translations, a strange URL under a link or a different, impersonal salutation. Uncertain? Just go directly (not via email) to the sender’s website to find out the truth. And remember: too good to be true is often too good to be true!

5. Fell for it? Always report it!

Of course it can happen that you click on a link or open an attachment. In general, we observe that employees are more susceptible to phishing around lunch time and are also less aware of the risks at the end of the working day. Always make sure you report it immediately to the helpdesk or to the appropriate colleague in the IT department.

The quicker you act, the greater the chance that the damage from ransomware or other dangerous exploits can be limited. And be sure to do this even if you haven’t clicked as well, as it provides a valuable warning for colleagues.

Awareways Phishing Simulation

Prefer the professional way? The Awareways approach goes far beyond click behavior. Our expertise is in behavioural change, so that moment where you decide to click or not to click is just where our jobs begin. We have our own phishing simulation software that trains employees continuously and proactively.

We provide everything from a one-off phishing action with impact to continuous training courses in which we adjust the campaign based on the results and provide concrete tools. Contact us to find out more!

Awareways

Euclideslaan 141 3584 BR Utrecht
+31 (0)30 227 14 67
info@awareways.com

Contactform