Phishing Awareness Campaign

Curbing the risk of phishing by raising awareness

Phishing is a daily threat on the web. Cyber criminals try to obtain access data or confidential information with increasingly professional emails containing dangerous links or malicious attachments. A single click on a malicious phishing link from a single employee can already have devastating consequences. Without sensitized and trained personnel, no effective protection against this form of cyber attack is possible. This is exactly where our awareness campaigns come in.

usd Phishing Awareness Campaign

As part of the usd phishing awareness campaign, we simulate an attack on your company via email. The sent email contains a link that leads to a target page (landing page). Employees who reach this landing page are directly and positively informed about the awareness campaign in a "teachable moment" and receive tips on how to better recognize this and future phishing emails.

PCI Compliance Sicherheitsschutz

Joint design of Phishing email and landing page so that the campaign fits your business

PCI Compliance Sicherheitsschutz

Involvement of all relevant stakeholders in the campaign

Preparation of all technical, organizational and communication measures

PCI Compliance Sicherheitsschutz

Support from our experienced consultants
in communication with codetermination bodies

PCI Compliance Sicherheitsschutz

Sensitization of your employees to the dangers of phishing. Verifiable statements about the level of awareness in your company

PCI Compliance Sicherheitsschutz

Report on the overall result of the campaign and recommendations for further action

Our Approach

Preparation & Preliminary Test

We start with a joint kick-off meeting to coordinate the framework conditions for the planned campaign. This includes selecting a scenario including the level of difficulty, content and layout design, determining a date for sending the phishing message, and defining specific target and evaluation groups. In this phase, you have the opportunity to prepare your internal organization and IT for the project.

At the same time, we initialize the usd phishing platform, put the agreed target page online and carry out a preliminary test together with you. You give the final approval of the content and the dispatch date.

Execution

On the agreed date, all persons on your distribution list receive the coordinated phishing message including the phishing link. No malware is downloaded during the simulated attack, nor is any confidential data read or misused. Clicking on the link is considered a successful attack in the final evaluation. After the click, the employee lands on the target page, which provides information about the awareness campaign and imparts knowledge about phishing.

Evaluation & Report

After the previously defined runtime, the campaign is closed and the pages are removed from the internet. This is followed by an evaluation based on the registered number of clicks on the phishing link, which we make available to you afterwards.

In the final report we document all important points and results of the phishing simulation for you. There is no personal evaluation, so there are no disadvantages for individual employees of your company. All data will be irrevocably deleted after successful acceptance of the report.

Afterwards, we will be happy to support you with our expertise on follow-up measures.

Contact

 

Please contact us with any questions or queries.

Phone: +49 6102 8631-190
E-mail: sales@usd.de
PGP Key
S/MIME
Contact form

 

Felix Schmidt
usd Team Lead Sales
Security Consulting