In a Webroot study of 600 IT decision makers, phishing attacks leapfrog from the number three spot in 2017 to the number one breach concern among organizations. Although 100 percent of those surveyed train employees on cybersecurity best practices, that number drops by half when asked if their program framework was continuous. As reports of data breach continue to climb, annual compliance reminders or one-time onboarding briefs just don’t cut it in combatting today’s world of crafty cybercriminals. Threat actors vigilantly adjust and adapt their tactics through social engineering which continues to be the most popular way to launch email attacks.
Building a successful security awareness program starts with education. Phishing simulation campaigns are a great way to kick-off your program, implement ongoing training and keep your employees sharp while identifying additional training needs.
Can you spot phishy indicators? Below are a few of our most popular phishing templates used by our clients; see if you can recognize what’s phishy before reading the hints.
From: Hilton Orlando <email@example.com>
Subject: You Deserve a Vacation – Take One on Us!
Have you heard the news? Hilton Orlando has partnered with the Madison Chamber of Commerce to give one lucky Madison resident an all-expenses-paid vacation to one of the most magical destinations in the world!
Enter to Win!
You deserve a vacation this summer. Enter for your chance to win:
- A four-night stay at Hilton Orlando
- Eight theme park tickets to Walt Disney World Resort
- Rental vehicle access for five days
Hurry! The 2018 Hilton Orlando’s Summer Getaway Sweepstakes ends 7/31. Enter today to win the Orlando getaway of your dreams!
Hilton Orlando Client Relations
What’s phishy about this email?
- The offer is too good (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Jenna Hulbert. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/jdoZoxhD5IM/