Phishing Risk Assessment
Phish yourself today in less than 5 minutes!
Phish5 allows you to create a list of victims, mail them a spear-phishing email, leading them to landing pages you create on domains you choose in minutes; without ever leaving your browser. Track users over time to see which users need more training. They cause reputational damage and even direct losses. It takes less than 5 minutes….Phish your users, before someone else does!
For more information, contact a Blue Turtle consultant and visit www.phish5.com for more information.
Will your users click on emailed links? What do they do when faced with legitimate looking websites? Are their browsers and plugins updated? Without conducting an actual campaign this data is absent so your risk level is unknown, but that data is waiting to be collected. Phish5 provides great metrics that help you determine where your risk lies, and the efficacy of classroom training
1. Create campaign
Select a campaign template and a few configuration details.
2. Target campaign
Upload or enter the details for your intended targets.
3. Design email
Customise the phishing email, including the message envelope as well as its contents. Reuse one of our templates for rapid phishing.
4. Build the phishing website
Your website consists of a landing page and a post-authentication page. Build a custom page or choose from one of our templates. Design a phishing URL that looks authentic, or use your own custom domain.
Review the campaign details, hit launch and follow your campaign’s progress.
Classroom training has its limits, not least the fact that the techniques taught can be difficult to implement in a user’s normal workflow. Instead, train on the job. Send phishing emails that appear in their inbox, and start teaching them how to react with actual phishing mails. Twitter regularly phishes its employees, and you can too (not phish Twitter, that is, but your own employees!)
Bonus: after multiple campaigns you’ll have a list of repeat victims who are in need to additional interventions, and the rest of the users don’t need to attend classroom training.