1 / 5

CERTCUBE LABS APPROACH TO SPEAR PHISHING ATTACK SIMULATIONS

CERTCUBE LABS APPROACH TO SPEAR PHISHING ATTACK SIMULATIONS

Certcube
Download Presentation

CERTCUBE LABS APPROACH TO SPEAR PHISHING ATTACK SIMULATIONS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. OUR APPROACH TO SPEAR PHISHING ATTACK SIMULATIONS

  2. STEP 1 - SCOPE DISCUSSIONS Our team seeks formal authorization from company leadership or the designated security team to conduct the simulation. Clearly outline the objectives, scope, and expected outcomes of the exercise. We set clear goals, such as measuring employees’ susceptibility to phishing attacks or assessing the effectiveness of existing security awareness training. STEP 2 - OSINT We Research the targeted individuals and gather information from public sources, such as social media profiles and company websites, and various OSINT techniques to create personalized and convincing phishing scenarios.

  3. STEP 3 - CRAFTING THE TRADECRAFT Our Team develops realistic phishing emails that mimic common social engineering techniques and appear legitimate. We pay attention to details, such as sender names, email content, and subject lines, to make the emails more convincing. Also, we embed educational content or links within the phishing emails to provide immediate feedback to employees who interact with the simulation. STEP 4 - MONITORING AND FEEBACK We Research the targeted individuals and gather information from public sources, such as social media profiles and company websites, and various OSINT techniques to create personalized and convincing phishing scenarios.

  4. STEP 5 - DEBRIEF SIMULATION We conduct debriefing sessions with the participants to engage in discussions about the simulation’s objectives, and outcomes, and emphasize the significance of continuous security awareness training. STEP 6 -AWARENESS TRAINING Using the insights from the simulation results, our team customizes and strengthens the company’s security awareness training to address the specific vulnerabilities identified during the exercise. We conduct internal security awareness training sessions to ensure employees are well-prepared in mitigating potential risks.

  5. STEP 7 - REPEAT REGULARLY Regularly our team conducts spear phishing simulations to consistently reinforce security awareness among employees, enabling them to stay vigilant against evolving phishing techniques. Visit our website Certcube.com

More Related