Why not to copy vendor notifications in phishing tests
Some vendors’ confusing notifications make easy phishing tests, but that doesn’t mean you should use them.
[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row column_structure=”1_2,1_2″ _builder_version=”4.16″ min_height=”670px” custom_padding=”5px||8px|||” global_colors_info=”{}”][et_pb_column type=”1_2″ _builder_version=”4.16″ global_colors_info=”{}”][et_pb_text _builder_version=”4.17.6″ text_font_size=”20px” text_line_height=”1.8em” header_2_line_height=”1.4em” min_height=”596px” custom_margin=”||-1px|||” global_colors_info=”{}”]Replicating these easy tests will only create an adversarial relationship between employees and the IT Security team.
Yes, attackers who know you use [vendor product with poor messaging] will impersonate them. But replicating them in a phishing test doesn’t address the root problem, and just annoys people to the point of rebellion.
Here’s an analogy:
Imagine a battlefield where you’re in a ground force that happens to have poor security of their own messaging. Attackers can easily send spoofed messages to the front lines that impersonate their commanders.
Should you test the soldiers’ ability to authenticate the incoming messages at the front line by sending them fake, test messages to see if they spot them? Or should you fix the security of your army’s messaging protocol?
[/et_pb_text][/et_pb_column][et_pb_column type=”1_2″ _builder_version=”4.16″ global_colors_info=”{}”][et_pb_image src=”https://clickarmor.ca/wp-content/uploads/2023/12/unsplashimage-18.png” alt=”Photo of a fish hook on a laptop to represent live phishing tests” title_text=”unsplashimage (18)” align=”center” _builder_version=”4.23.1″ _module_preset=”default” module_alignment=”center” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″][/et_pb_image][et_pb_text _builder_version=”4.23.1″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]Photo by Brett Jordan on Unsplash
[/et_pb_text][et_pb_cta title=”It’s been a “super-fantastic” experience to see people learning and talking about security threats.” button_url=”https://clickarmor.ca/quick-start-bundle-gamified-security-awareness-training-and-engagement/” button_text=”Start Your 6-Week Quick Start Bundle Now” _builder_version=”4.16″ _module_preset=”default” locked=”off” global_colors_info=”{}”]For just $325 USD, you can run a 6 week, automated program for gamified phishing awareness training and challenges. (Limited time offer. Normally valued at $999 USD)
Use Promo Code: 6WEEKS
[/et_pb_cta][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”4.16″ custom_padding=”8px|||||” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.16″ global_colors_info=”{}”][et_pb_text _builder_version=”4.17.6″ text_font_size=”20px” text_line_height=”1.8em” header_2_line_height=”1.4em” min_height=”8px” custom_margin=”-20px|||||” custom_padding=”22px||0px|||” global_colors_info=”{}”]The answer is to fix the root problem: the army’s messaging protocol, or in the security world, your organization’s cyber security training strategy.
[/et_pb_text][et_pb_button button_url=”https://clickarmor.ca/trial” button_text=”Book a free trial of Click Armor to start strengthening your security culture” button_alignment=”center” _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}”][/et_pb_button][et_pb_text _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}”]
Scott Wright is CEO of Click Armor, the gamified simulation platform that helps businesses avoid breaches by engaging employees to improve their proficiency in making decisions for cyber security risk and corporate compliance. He has over 20 years of cyber security coaching experience and was creator of the Honey Stick Project for Smartphones as a demonstration in measuring human vulnerabilities.
[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”4.16″ global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.16″ global_colors_info=”{}”][et_pb_post_nav prev_text=”Previous Post” next_text=”Next Post” _builder_version=”4.16″ title_text_color=”#ffffff” background_color=”rgba(14,79,136,0.68)” custom_padding=”5px|10px|5px|10px|true|true” border_radii=”on|4px|4px|4px|4px” border_width_all=”1px” global_colors_info=”{}”][/et_pb_post_nav][/et_pb_column][/et_pb_row][/et_pb_section]