Phishing Simulation

SecOrigin can help you in knowing the Human error in your organization by performing the phishing simulation. These types of interactive phishing tests can be a part of any security awareness training initiative and allow your organization to test user knowledge with a real-world scenario. Phishing simulations add a powerful dimension to awareness campaigns and facilitate the process of training your legion of cyber heroes.

SecOrigin have developed in-house methodology to perform phishing simulation which is given below,

 

  • Understand the requirement and identify the scope items to target
  • Setting up the environment on cloud vendor such as Amazon
  • Designing Campaigns as per the requirements , Execution
  • Analysis of the results on the basis of Click Rate, Phish rate.
  • Recommendation and training awareness guides on the basis of results
Step 1
Environment Setup

Our team will setup the environment as per the need of the organization, we do have few AWS instances and setup for our phishing simulation tools for better availability. During this phase team will configure the necessary tools as per the approval.

Step 2
Campaign Designing and Approval

Our team will get in touch with the internal poc’s for the template approval and to design the pages as per their internal running portal so that the UI looks exactly the replica of actual running services and also suggest templates and then after the approval, those templates will be finalized to send out to the employee. We will only provide password as a field in the designed template but not store passwords due to privacy concerns.

Step 3
Execution

During, this phase all the finalized templates will be configured in the tool and then our phishing experts will start running the campaigns during the approved duration and monitor the result.

Step 4
Analysis on Click rate and Phish Rate

During this phase, team will analyse the number of employees got tricked in to clicking on the links and number of employees got tricked in submitting their credentials.

Step 5
Reporting and Training

On the basis of the analysis, team will create a detailed execution report containing all the attack narrative and detailed execution of the simulation program. We will also share the few tips and guides to how employees can easily identify phishing links and also create few quizzes for organization to regularly aware their employees.

Our Services

Vulnerability Management

Assessment

Cloud Security

Security Compliances

Source Code Review

Digital Forensics

Contact Us