What is a phishing assessment?
A phishing assessment is where deceptive or malicious emails are sent to members of staff, within an organisation, in an attempt to coerce staff members to follow provided links, open file attachments or provide access to sensitive information or systems.
Why Conduct A Phishing Assessment?
With social attacks continuing to be the most prevalent method of compromise today, financially motivated global adversaries are now deploying ever more sophisticated phishing attacks in an attempt to gain a foothold in your corporate network and ultimately gain access to business critical data.
The average time from the email landing in an employee inbox to a foothold being gained on the workstation is a matter of minutes meaning initial detection and response needs to happen as fast as possible.
As part of our approach, our Penetration Testers will mimic real-world techniques used by advanced adversaries to coerce your users into submitting credentials, downloading and executing files and ultimately providing access to your internal network, inboxes and other sensitive business data. By exposing staff to regular phishing assessments we can reinforce vigilance and correct behaviour helping you to test the responsiveness of your staff in the event of a real world attack.
Our extensive reports provide a full breakdown of timelines and statistics regarding the results of the assessment as well as detailed advice for both general staff and IT team members to follow in the event of a Phishing attack.
A Phishing assessment and report will allow your business to:
- Test the overall responsiveness of your staff to a phishing attempt.
- Directly measure staff compliance against internal policies and procedures
- Make ongoing improvements to your organisations security posture via specialist support, advice and consultancy.
- Adhere to regulatory bodies who require Phishing assessments be performed.
- Gain access to a dedicated team of specialist CREST Registered penetration testers who use the latest tools and techniques to accurately assess and identify emerging threats
+ Q: Why do I need a Phishing Assessment?
Phishing and pretexting represent 98% of social incidents and 93% of breaches. Despite this staggering statistic, the employee is an often overlooked component of the organisational attack surface. By exposing staff to regular phishing assessments we can reinforce vigilance and correct behaviour and help you test the responsiveness of your staff.
+ Q: What will I receive after the test has been completed?
The deliverable from any Phishing Assessment is a complete report providing a full breakdown of methods, timelines and statistics regarding the assessment results as well as detailed advice for both general staff and IT team members to follow in the event of a phishing attack.