Business

Phishing Awareness Assessment

Chubb believes employees should be empowered to help strengthen defences and gather real-time attack intelligence to stop attacks in progress.

By subscribing to our phishing awareness assessment programme, each Chubb cyber policyholder has access to the highly discounted services of a Cofense Professional Services Consultant and a phishing training programme designed to identify susceptibility and risk to phishing attacks.

The programme

Cofense will run two simulated real-life phishing scenarios using Cofense PhishMe over the course of four months for up to 500 individual email addresses.

A Cofense consultant will work with your client’s company to:

  • Outline schedules and discuss project goals
  • Create an announcement to send to your employees and managers regarding the commencement and purpose of your company’s phishing scenarios
  • Gain employee and stakeholder buy-in
  • Communicate compliance-related awareness concerns to your staff.

The scenarios

Cofense will build and send two phishing urges the recipient to click on the embedded link. The link and link display text can be customised, and Cofense subscribers have access to a variety of domains registered by Cofense.

Immediately after clicking the link, the recipient is sent to the selected, training material.

The second email is a “Data Entry” scenario, which emulates an attacker’s goal of obtaining valid credentials to a network environment. These scenarios incorporate the email and customisable link from the click only exercises, but after clicking the link, the recipient is sent to a landing page that entices them to enter sensitive information.  No user-sensitive data is stored, and the recipient is forwarded to the selected training materials after entering data.

Each completed scenario includes delivery of a report with extensive analytics, including an executive summary of the campaign and its findings and response analysis that details the overall susceptibility rate, reporting rate (if applicable), and the repeat offence rate (after the second scenario). At the client’s request, other data points can be reported, such as recipient and failure percentages, time spent on training, and results by user. The Cofense consultant will also provide observations and recommendations for your programme moving forward.