The Top 12 Signs that you’re Running Bad Phishing Simulations

Secure Click News The Top 12 Signs that you’re Running Bad Phishing Simulations

The Top 12 Signs that you’re Running Bad Phishing Simulations

The Top 12 Signs that you’re Running Bad Phishing Simulations
 
1) Your phishing simulations are formulaic and rely heavily on templates which users recognise.

2) You’re using too much “inside information” in your general phishing simulations.

3) You’re making your phishing campaigns too generic.  

4) The timing of your phishing campaigns is too predictable.

5) Your phishing campaigns are all based on historic attacks.

6) The pretexts used in your phishing campaign are lame and not very credible.

7) You have not used a pilot group of users for testing your phishing campaigns.

8) You’ve not tested your phishing emails against your organisation’s security defenses such as firewalls and email gateways.

9) You’ve named and shamed users who have flunked your phishing simulations turning users against you.

10) You’re treating phishing solely as a testing exercise when it should also be educational.

11) You phishing campaigns instil so much fear in users, they’re now not opening up genuine emails.

12) You’re treating phishing simulations as a security awareness panacea. When in fact, there are many more threats out there that don’t actually come through a URL or email attachment.


Got a question?

If you would like to make an enquiry about any of our services click the "Contact Us Now" button and fill in your details.