The Service
Simulated phishing tests are email based social engineering exercises, mirroring sophisticated real-world phishing attempts. At BH Consulting we construct a targeted campaign and send emails to your staff to test their response to typical phishing scams.
Social engineering is the use of communication methods such as telephone or email to deceive individuals into divulging confidential or personal data for fraudulent purposes. This type of attack typically tries to entice your employees into taking actions that undermine the security of information systems or disclose data. There are many different forms of social engineering used by attackers today such as; phishing, vishing, smishing, invoice redirection or physical compromise.
These types of exercise will determine if:
Your organisation’s email security systems will detect and block these suspicious emails
Your employees will engage with these emails by clicking on any links and/or attachments
The Benefits
Protect your critical data from being leaked via phishing attacks
Better equip your business and your employees to spot and mitigate phishing attacks
Reduce the risk of a phishing-related data breach, data loss or potential cyber attack
Decrease the need to disinfect or re-image systems after an attack
Minimise the risk of negative publicity generated by a data breach or interrupted operations
The Challenge
One of the key attack vectors used to break into an organisation’s system, is to send phishing emails to staff within the target organisation. Although implementation of security technology controls is important in securing your information systems, staff awareness and organisational security measures are just as vital in securing your business and your data.
Simulated email phishing test will evaluate how your users will react in the event of a real attack. They will educate your employees on how best to identify and respond to such attacks. Additionally, they can help you assess how effective your current strategies to defend against similar attacks are, and to what extent you need to improve your user awareness and education.
Our Process
Our consultants will work with you to agree the type of scenario(s) most suitable for the environment within your organisation. Based on this, they will then create customised simulated email phishing campaigns for your target audience that replicate the tactics of real-world attacks.
Once all tests are conducted and results gathered, we will provide you with a report of findings including some practical recommendations.
At the end of this engagement you will be able to determine whether;
Your organisation’s email security systems can effectively detect and block suspicious emails
Staff members have sufficient knowledge and awareness to detect such emails
Staff members will engage with these emails by clicking on any links and/or attachments within
At BH Consulting we believe in promoting a positive security culture in organisations; one that encourages openness and reporting of suspicious emails. With the appropriate training, your users can become your strongest asset rather than your weakest link.
Let’s Talk
Please fill out the below form and we will get back to you as soon as possible