Telecommunications company Internet Solutions (IS) has debuted a new service that allows security teams in companies to launch authentic phishing attacks on their colleagues, scaring them stiff and teaching them valuable lessons about cyber security.
Dubbed PhishNet, the service aims to educate staffers about the nature, mechanics and calling cards of a phishing attack while providing the companies with data on their security practices and infrastructure.
No ad to show here.
PhishNet’s debut comes at a time when cyber security is paramount in media and mainstream conversation, following the recent WannaCry and Petya ransomware attacks. WannaCry in particular — which infected more than 250 000 computers in less than a week — is believed to have stemmed from a dodgy email.
How does PhishNet aim to change this? Well, by sending a dodgy email of its own.
PhishNet aims to educate staffers on the nature of phishing attacks while providing companies with information on their security structures
Companies sign up to the service, give IS a mailing list or two (or just your boss’s mailing address if it’s a Monday) and it prepares the phishing mail.
According to Internet Solutions, the mails are laced with tell-tale clues that should out them as suspect to keen observers.
“Despite deliberate spelling errors, an outdated logo and a questionable subject line, a staggering 40% of recipients clicked the phishing link contained in the email,” the company reveals, quoting results from its tests.
The company also provides information on who fell victim to the mock attack, who provided personal and company data to the phishing scam and who’s still running that 10-year-old version of Internet Explorer on their machine.
We’ve reached out to IS for more info on pricing.