Sophisticated cyberattacks are on the rise, with email phishing as the most common attack vector.
According to the ‘2022 State of the Phish’ report, a whopping 92% of Australian organisations have experienced a successful phishing attack – the highest of any country surveyed and a 53% year-on-year increase. In addition, 80% of Australian organisations experienced a ransomware attack in 2021 compared to the global average of 68%.
Working from home poses a greater security risk as organisations are required to rely more heavily on email communication to run their businesses, and cybercriminals have an increased opportunity to phish users.
How scammers target users through phishing
Scammers use email or text messages to trick people into giving them personal information like passwords or account numbers. Once they get that information, they can access your email, bank, or other accounts.
Scammers launch thousands of phishing attacks like these every day, often changing tactics — and they are often successful.
Phishing emails and text messages may look like they are from a company you know or trust – a bank, a credit card company, a social networking site, an online payment website or app, or an online store.
Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. They may
say they’ve noticed some suspicious activity or log-in attempts
claim there’s a problem with your account or your payment information
say you must confirm some personal information
include a fake invoice
want you to click on a link to make a payment
say you’re eligible to register for a refund
offer a coupon for free stuff
Attack Simulation Training helps mitigate phishing risk
Our team works with our clients to prevent, detect, and remediate vulnerability at the most basic point of attack: the user.
Attack Simulation Training provides a behavior-based solution to mitigate phishing risk. It provides the necessary tools to run intelligent simulations and measure users for a baseline awareness of phishing risk, provide actionable insights and recommendations to remediate risk with hyper-targeted training designed to change behavior, and then measure behavioral progress against that benchmark through repeated simulation.
If you undertake Attack Simulation Training with mcrIT, what can you expect?
A wide library of simulation options, like email links or attachments, invoices, credit notes and other malware and authorisation testing.
Simulations can be run across a team or the entire organisation
Different simulations can be run at the same time, so that users are not ‘aware’ of a specific simulation campaign.
A library of short training videos to address user behaviour
Management reporting providing a view of the user training completion and simulation
Talk to us today about setting up attack simulation training for your organisation.