Page 66 - index
P. 66
The Company sent a “your package has been delivered” phishing email. Those that fell for the
attack were automatically assigned to complete interactive training modules that taught end
users how to spot traps in emails and how to identify fraudulent URLs. Then the Company sent
another phishing email to the same group of employees.
Almost 35% of the recipients fell for the first mock phishing attack but less than 6% fell for the
second phishing attack, which shows an 84% decrease in susceptibility in less than 60 days.
Summary
Phishing attacks aren’t going away any time soon. The mindset that eventually someone will
find a technology that prevents these attacks is too passive for the increasingly sophisticated
threats at hand. Information security officers have a responsibility to their organizations and to
the general public to effectively teach people how to recognize and avoid these attacks both at
work and at home. The right approach to change user behavior is not difficult to implement.
About the author
Joe Ferrara is CEO of Wombat Security Technologies, a provider of information
security awareness and training software to help organizations teach their
employees secure behavior. Joe Ferrara has recently been named as “CEO of
the Year” by the CEO Awards and is an EY Entrepreneur Of The Year™ 2014
Award finalist in Western Pennsylvania and West Virginia.
66 Cyber Warnings E-Magazine – July 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
