Internet Solutions has launched PhishNet, a corporate information security education service which lets security teams launch authentic phishing campaigns against their colleagues.
Phishing remains a popular form of cybercrime as it is highly profitable, said IS.
Banking PINs, credit card details, passwords, personal information, and confidential company and client information can all be obtained via fraudulent emails.
PhishNet bolsters training by demonstrating what a phishing lure looks like.
“Employee behaviour is one of the biggest risks to cybersecurity,” said Sean Nourse, chief solutions officer at IS.
“Phishing attacks are increasingly sophisticated and they target individuals, so proactive employee education is an important element of a cybersecurity strategy.”
IS said it tested the efficacy of phishing by sending a PhishNet campaign to IT-savvy contacts. Despite deliberate spelling errors, an outdated logo, and a questionable subject line, it found that 40% of recipients clicked the phishing link in the email.
“This test clearly demonstrated that everyone is vulnerable to phishing, not only people who are technologically inexperienced. We can be negligent using our personal devices, and we’re no different when using company laptops, phones, and tablets.”