Unknown senders, suspicious attachments or dubious text in the subject line: The warning signs in phishing emails are well known. Nevertheless, phishing attacks succeed again and again – even with experienced users. Raising awareness is always sensible and necessary.

The weakest point: The human. Raising employees's awareness

Increasingly, targeted attacks are directed directly at employees. Phishing uses the human being as a vulnerability. Data theft is only possible if the recipient engages with phishing attacks. Technical protection mechanisms such as malware scanners are therefore not enough.

Test attack for practice

terreActive offers "social engineering" investigations for this purpose. A campaign for a phishing test is defined with the client. Customized scenarios are part of this: In a test attack, our specialists use all known methods to deceive your employees and gain access to sensitive information. Well-known, but manipulated input masks are used to encourage employees to disclose their password unconsciously.

Continuous raising of awareness

The results provide deeper insight: How many employees have reacted to manipulation attempts? Is there a need for further information and training? If yes, in which areas? After an initial analysis, it is even possible to implement continuous tests to raise awareness in specific situations: If an employee gets involved in a fictitious attempted attack, he or she immediately receives a video tutorial on how to recognize such attempts in the future.