Sophisticated new business email compromise templates and awareness training protects organizations from costly attacks.
MADISON, WI ‒ April 16, 2018 ‒ InfoSec Institute, the leading provider of professional IT security education and cybersecurity awareness solutions, today unveiled its Business Email Compromise (BEC) Defense Suite for SecurityIQ. The new defense resources, available at no additional charge to clients, educate employees to recognize BEC attacks and provide security administrators valuable new tools to detect and respond to these threats.
Frequently undetected by technical controls, BEC attacks use sophisticated social engineering practices to impersonate an organization’s CEO or other leader to trick employees into transferring money or sharing confidential information. SecurityIQ’s new BEC Defense Suite combats this growing and expensive risk by providing organizations:
- 20 Real-World BEC Phishing Templates ‒ Realistic mock phishing emails increase employees’ awareness of BEC attacks by simulating requests for wire transfers, fake invoices, W-2 information, VPN password resets or payroll information.
- BEC Simulation Reply Tracking ‒ SecurityIQ logs all replies to BEC simulations, helping security administrators automatically identify vulnerable employees requiring additional security awareness training.
- Sensitive Data Detection ‒ Sophisticated pattern recognition automatically detects what type of data employees share in failed simulations including credit card, bank account and social security numbers, immediately deleting them once logged.
- BEC Awareness Training ‒ Interactive module educates learners on what BEC scams are and how to avoid becoming a victim.
“By employing tried and true social engineering tactics used by con artists for decades, rather than typical technical exploits, hackers are infiltrating organizations where they are most vulnerable,” said Jack Koziol, CEO and Founder at InfoSec Institute. “Our new BEC Defense Suite gives organizations of all sizes the tools they need to stay ahead of sophisticated cybersecurity threats and develop an engaged and aware workforce alert to suspicious requests.”
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by InfoSec Resources. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/Khcy33O_P7E/