Phishing Awareness Campaign
Curbing the risk of phishing by raising awareness
Phishing is a daily threat on the web. Cyber criminals try to obtain access data or confidential information with increasingly professional emails containing dangerous links or malicious attachments. A single click on a malicious phishing link from a single employee can already have devastating consequences. Without sensitized and trained personnel, no effective protection against this form of cyber attack is possible. This is exactly where our awareness campaigns come in.
usd Phishing Awareness Campaign
As part of the usd phishing awareness campaign, we simulate an attack on your company via email. The sent email contains a link that leads to a target page (landing page). Employees who reach this landing page are directly and positively informed about the awareness campaign in a "teachable moment" and receive tips on how to better recognize this and future phishing emails.
Joint design of Phishing email and landing page so that the campaign fits your business
Involvement of all relevant stakeholders in the campaign
Preparation of all technical, organizational and communication measures
Support from our experienced consultants
in communication with codetermination bodies
Sensitization of your employees to the dangers of phishing. Verifiable statements about the level of awareness in your company
Report on the overall result of the campaign and recommendations for further action
Our Approach
Preparation & Preliminary Test
We start with a joint kick-off meeting to coordinate the framework conditions for the planned campaign. This includes selecting a scenario including the level of difficulty, content and layout design, determining a date for sending the phishing message, and defining specific target and evaluation groups. In this phase, you have the opportunity to prepare your internal organization and IT for the project.
At the same time, we initialize the usd phishing platform, put the agreed target page online and carry out a preliminary test together with you. You give the final approval of the content and the dispatch date.
Execution
On the agreed date, all persons on your distribution list receive the coordinated phishing message including the phishing link. No malware is downloaded during the simulated attack, nor is any confidential data read or misused. Clicking on the link is considered a successful attack in the final evaluation. After the click, the employee lands on the target page, which provides information about the awareness campaign and imparts knowledge about phishing.
Evaluation & Report
After the previously defined runtime, the campaign is closed and the pages are removed from the internet. This is followed by an evaluation based on the registered number of clicks on the phishing link, which we make available to you afterwards.
In the final report we document all important points and results of the phishing simulation for you. There is no personal evaluation, so there are no disadvantages for individual employees of your company. All data will be irrevocably deleted after successful acceptance of the report.
Afterwards, we will be happy to support you with our expertise on follow-up measures.
