The programme
Cofense will run two simulated real-life phishing scenarios using Cofense PhishMe over the course of four months for up to 500 individual email addresses.
A Cofense consultant will work with your client’s company to:
- Outline schedules and discuss project goals
- Create an announcement to send to your employees and managers regarding the commencement and purpose of your company’s phishing scenarios
- Gain employee and stakeholder buy-in
- Communicate compliance-related awareness concerns to your staff.
The scenarios
Cofense will build and send two phishing urges the recipient to click on the embedded link. The link and link display text can be customised, and Cofense subscribers have access to a variety of domains registered by Cofense.
Immediately after clicking the link, the recipient is sent to the selected, training material.
The second email is a “Data Entry” scenario, which emulates an attacker’s goal of obtaining valid credentials to a network environment. These scenarios incorporate the email and customisable link from the click only exercises, but after clicking the link, the recipient is sent to a landing page that entices them to enter sensitive information. No user-sensitive data is stored, and the recipient is forwarded to the selected training materials after entering data.
Each completed scenario includes delivery of a report with extensive analytics, including an executive summary of the campaign and its findings and response analysis that details the overall susceptibility rate, reporting rate (if applicable), and the repeat offence rate (after the second scenario). At the client’s request, other data points can be reported, such as recipient and failure percentages, time spent on training, and results by user. The Cofense consultant will also provide observations and recommendations for your programme moving forward.