SBN

4 reasons why you should include current events in your phishing simulation program

Introduction

One of the dirtiest aspects of phishing campaigns in the wild is that they will take advantage of anything happening in the world today to make their job easier. Most notably and timely are the phishing campaigns taking advantage of the latest COVID-19 events to entice users to click on a malicious URL or to download an infected file attachment. 

For reasons ranging from it not being “socially responsible” to the simple fact that organizational employees are more stressed today than ever, some organizations are choosing to leave current events out of their phishing simulation programs.

This article will detail the top four reasons for using current events in your organization’s phishing campaign and the cons of including current events in your phishing simulations. We’ll leave you with valuable tips for using current events without getting too personal, thereby softening this effective yet realistic approach as much as possible.

4. Phishers are actively using current events in their phishing campaigns

One of the top reasons why you should use current events in your organization’s phishing simulation program is because they are currently being used, and they are working. Despite reports that some attack groups are pledging to not use COVID-19 as the underlying premise of their phishing campaigns, this is certainly not the case with all attack groups or even most of them. Phishing simulations should be as realistic as possible to be as effective as possible. 

The real-world examples of using current events like COVID-19 are limited only by the imagination of attack groups. Some real-world examples include phishing emails with subjects like “EXTERNAL: COVID 19 PREPARATION GUIDANCE” and “Work Remotely Enrollment (Action Required).” Phishers also use trusted names involved in current events to make their campaign as successful as possible. For example, phishing emails (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Greg Belding. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/JmRstDXW-kU/