[PHISHING] When Phishing goes beyond a simple “April Fool’s Day”…

      Social engineering, negligence, risky behaviour: users play a crucial role in the security of information systems. Phishing, an attack known to all and used for decades, remains one of the most widely used attacks against individuals and companies, with nearly 83% of companies affected in 2018[1].

These attacks orchestrated by the attackers are more and more elaborate and most of the time usurp companies offering services or senior managers. The latter type of attack is called “fraud against the president” and increased by 136% between December 2016 and May 2018[2]. President fraud is the attempt to mislead an employee of compatibility or human resources into making unauthorized transfers or sending confidential tax information.

At digital.security, we fight this type of attack by offering our customers a concrete action that allows their employees to be aware of phishing attacks. The implementation of phishing simulations is done on behalf of our customers using an internally developed tool. The latter, called Octophish, makes it possible to analyze the behavior of different employees and improve everyone’s awareness of phishing attacks, thus enabling the company to avoid partial or total compromise.

[1]:https://www.cyqueo.com/images/download/Proofpoint-US-TR_State-Of-The-Phish-2019-CYQUEO.pdf

[2]:https://www.ic3.gov/media/2018/180712.aspx