Phish your colleagues


The weakest link

Your security is state of the art. That's great. But it is only as good as the weakest link, and the end users are the weakest link.

Which one will rise to the bait?

Phishers are becoming more and more inventive. Do you know how well your colleagues can handle personalised attacks? Or how quickly someone is prepared to open a risky e-mail attachment?

Knowledge is power

When you know who is susceptible to personalised attacks, you can inform them and make them more aware of the risks. And test them again afterwards...

Security Awareness Training

At least 16% are susceptible to phishing. Do you know what this number is in your organisation?

The number is guaranteed to be lower after extensive security awareness training.

The end user remains the weakest link in the network. And this means you and your colleagues remain susceptible to cryptolockers, fraud or data theft. Our phishing software offers protection.

1. Training

We bring you and your colleagues up to speed by providing training about recognizing the most diverse forms of phishing attacks and fraud. They will also get a sense of the enormous risk.

2. Testing

Everyone is then put to the test at an unguarded moment: fake phishing messages, which you or we have drawn up, are sent to your colleagues. This method ensures that the students apply this knowledge in everyday activities.

3. Analyse

Numbers do not lie. View who clicked where, or who released sensitive information. Colleagues who are still not up to speed can be trained again.

4. Repeat!

Your organisation can only evolve into a safe environment through the regular testing of people and repeatedly addressing the risks of phishing.

10 Tips To Avoid Phishing

You want to avoid cryptolockers, malware and data theft. Securing both network and devices is a start and an absolute must, but there are many things end users must be able to recognise and avoid because one click can be sufficient for your entire organisation to become technically unusable and for sensitive data to become vulnerable. Some tips are provided below.

1. URLs

When you hover your mouse over a link in an e-mail, you will see the URL to which it actually leads. A link shown as Fortis.be may, for example, turn out to point to fortis.bank.ru. This is an easy way to quickly recognise when you are being redirected to an unofficial site.

2. Senders

Do you doubt the authenticity of the sender? In Outlook, you can open an e-mail and view its properties under “File”. The e-mail headers contain technical information, and a lot can be discovered about the legitimacy of the e-mail from this.
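The sketch below is an added example (not the vendor's tooling) of what to look for once the raw headers have been copied out of the message properties: whether Reply-To or Return-Path use a different domain than From, and what the SPF, DKIM and DMARC verdicts say. The function names and the sample message are constructed for this illustration, and it assumes the Authentication-Results header was added by your own mail gateway.

```python
from email import message_from_string
from email.utils import parseaddr
import re

def domain_of(header_value):
    """Domain part of the address in a From, Reply-To or Return-Path header."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def header_warnings(raw_message):
    """Return human-readable warnings for one raw message (headers + body)."""
    msg = message_from_string(raw_message)
    from_dom = domain_of(msg["From"])
    warnings = []
    # A differing Return-Path is common for legitimate bulk mail; treat it as
    # a signal to look closer, not as proof of phishing.
    for name in ("Reply-To", "Return-Path"):
        dom = domain_of(msg[name])
        if dom and dom != from_dom:
            warnings.append(f"{name} domain {dom} differs from From domain {from_dom}")
    # Only trust Authentication-Results stamped by your own receiving server
    # (assumption: the gateway strips copies injected by the sender).
    results = " ".join(msg.get_all("Authentication-Results") or [])
    for check in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{check}=(\w+)", results, re.I)
        verdict = m.group(1).lower() if m else "missing"
        if verdict != "pass":
            warnings.append(f"{check} result: {verdict}")
    return warnings

# Constructed sample message using reserved example domains.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=example.com
From: "IT Helpdesk" <helpdesk@example.com>
Reply-To: helpdesk@example-support.test
Subject: Please verify your data

Body
"""
```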

3. Spam filter

A lot of non-personalised phishing is sent in bulk and quickly appears on the blacklists of well-known anti-spam filters. It may be an obvious prerequisite, but a professional anti-spam filter is a must.

4. Passwords

Use unique passwords and change them regularly. You really do not want to be responsible for phishing e-mails that are sent from your account to your network because you use the same password on, for example, Steam or iTunes.

5. Suspicion

Has your manager e-mailed you and asked you to carry out a large transfer “urgently and discreetly”? You should first call him or her about it. Or what if your supplier sends an invoice with a “change of account number” by e-mail or post? Again, one phone call can prevent a lot of damage.

6. Extraordinary

Has your IT department suddenly asked you to “re-register” or “verify data” on a page? Or have you received an unusual HR question about your remuneration containing a zipped attachment? The chances are that it is misleading. It can never hurt to verify whether it is genuine by telephone.

7. By telephone

NEVER complete a registration procedure by telephone, and never release personal data over the telephone unless you know and fully trust the person on the other end of the line. With the right background information, scammers can convince even the least gullible people.

8. Public

Social engineering and spear phishing mean that as much personal information as possible is gathered about you so you can be targeted. So pay attention to your public profiles on Facebook, LinkedIn, Twitter, etc. If your license plate, garage and vehicle type are known, for example, false maintenance invoices can be sent to your accounting department.

9. Attachments

If an unknown sender has sent you a PDF, .xlsx, .docx, .exe or .zip file, etc., you always run the risk of picking up a cryptolocker or other malware. We solve this by using sandboxing, in which your e-mail is fully scrutinised in a virtual environment and all the links are checked.

10. 2 Factor Authentication

More and more platforms offer the option to log on using your password + a unique code generated on your smartphone. Even if scammers have your username and password, they remain powerless because they do not have your smartphone.

Make colleagues aware of the risks & learn to recognise symptoms of phishing
Keep them on their toes using our Security Awareness Training and test their susceptibility