OIC Solutions are offering a phishing test with training and reporting for up to 25 members of staff for the total cost of £299.00. Contact us today at email@example.com or on +44 207 993 2239.
As technical solutions against hackers become more efficient there has been a shift to attacking the weakest link in the chain, the end user. If a hacker can lull a unsuspecting user into clicking a link or downloading and enabling a macro in Microsoft office file, then they could obtain that all important initial foothold into an environment.
The Technical Bit
You maybe thinking that Sandboxes, Antimalware Scan Interface (AMSI), Windows Defender and AppLocker are going to keep you protected. After all AMSI captures every PowerShell, JScript, VBScript, VBA or .NET command and passes it to the local Antivirus program for inspection, what could go wrong with that? Even the best best local AV can be bypassed with techniques such as VBA Stomping, Encryption, Obfuscation and Time delays. Attackers have to stay one step ahead of defenders, and they are good it.
The Phishing Test
When we undertake this service up to 25 people can be targeted. 25 people is enough to establish baseline as to whether you have an underlaying issue in insecure user behaviour or not.
If a high % of users fail then it suggests that more users in the environment will also fail.
If a low % of users fail, then it stands to reason that your environment has well trained users in place already.
If a high % fail, then you can run the test again on a different set of 25 users.
If users do fail, they can redirected to training / educational material and services.
We can use your pre-existing software use as a attack vector. For example, if you use Dropbox and Office 365 in your environment, we can base the email templates on these products. If you are not using services such as these, we can use pretexts such as Covid19 and GDPR in order to try and illicit a user response.
We set the test up, we let it run for a pre determined amount of time, when it is finished we send you the report and you can gain an accurate view of your users behaviour. If a user fails the phishing test, they can be provided with training as part of the service.
Secure your testing window today by contacting us at firstname.lastname@example.org or on +44 207 993 2239.