Product | customized training
Email is hardly the only communication channel used for phishing. Cyber criminals can just as easily approach their targets via SMS or WhatsApp. We call that ‘smishing’. And then there is the possibility of telephone fraud: vishing (voice phishing).
The latter is on the rise, as you can just as easily be asked to provide information over the phone. Information which is then used to further breach your organization.
What is vishing?
Phishing remains the number one strategy for cybercriminals. Fraudsters have an ever-expanding bag of tricks for angling for our data, and especially our savings. Voice phishing scams are on the rise.
Example: an “employee” of the bank calls (and the actual phone number of your bank appears on your display) and convinces you to move money to a safe account. Several hundreds of consumers have been duped into spending tens of thousands of euros, but for companies the damage is often far greater.
Unfortunately, it’s quite easy to have a telephone mirror a specific number. And it’s not just those strange calls with unknown country codes from Asia and Africa, but ‘normal’ callers with a very clear story, told in your own language. If they appear to have all the right background information, it becomes very difficult to spot the fraud.
How does it work?
Cybercriminals know that you can obtain sensitive information by simply asking for it. Moreover, scams and tricks are much more convincing if the fraudster already has as much information as possible. About your organization, but also about the employees personally. A profile is created via Google, LinkedIn and of course the company website. This online available information is then used against them.
Phishing is an attack strategy that is usually part of a larger scheme, which means that voice phishing scams are rarely isolated actions. More often, the goal is ‘merely’ to open the next (digital) door. We help you to deny them that access through customized vishing training.
What can you do?
Spear phishing and WhatsApp fraud are good examples where social engineering and good preparation on the part of the fraudster increase his chances of success. With voice phishing, it’s no different.
Our vishing simulation – a strategy with which we approach your employees from various calling scenarios – therefore reflects that reality so that we can train your employees on everyday risks. The accompanying briefing and supporting documentation are also delivered in the tone and style of the organization.
Awareness as a starting point
We help your organization become immune to (cyber) threats by initiating long-term behavioral change among employees. A behavioral change that starts with awareness.
The goal of the vishing simulation is first and foremost to increase the knowledge level. By measuring whether your employees recognise voice phishing scams, and by showing them what sensitive information they may have conveyed in the process.
How works the Awareways vishing simulation?
The social engineer in our simulation, a voice actor who contacts your organization and pretends to be an IT employee, is out for login credentials and other confidential information. He does so using scenarios written specifally for your organization, as our vishing simulation is not a generic product, but a tailor-made solution to best approach the daily practice, work situation and information facilities of your organization.
We understand that our vishing simulation is an intervention that raise a few questions among employees, despite the extensive debriefing every callee receives. Therefore, email templates and further details also provided, to be distributed throughout the organization.
Our expertise is behavioral change. The phone calls are just a starting point. From our phishing simulation software, we can train your employees on an ongoing basis.
We provide everything from a one-time campaign with practical tools to continuous and full-scope training programs, in which we can adjust our approach based on dynamic results.
Reach out to us by filling out the contact form below!
Euclideslaan 141 3584 BR Utrecht
+31 (0)30 227 14 67