Phishing is the one of the most common enablers of malicious activity, be it ransomware, RATs (remote access tools) or simple scams to grab your credentials.

Its adoption rate by criminals has been exponential as has its success rate because it targets one most unpredictable elements of a companies security: users.

Everyone has seen phishing emails that come from nonsense email addresses with horrendously poor grammar and spelling – these can be seen a mile away.

Unfortunately criminals  are becoming more sophisticated and are spending more time crafting better and more convincing scams.

Spear Phishing & Whaling

Variations of Phishing such as Spear Phishing and Whaling attacks are even more refined, specifically targeting a business and/or individual.

We have seen numerous instances where criminals have gone as far as registering domain names and configuring email accounts in an attempt to make their phishing attacks look more convincing.

Phishing Campaigns

Seguro perform phishing campaigns against your users in an attempt to convince them to click a suspicious link – the exact method used by criminals to begin an attack. A campaign is best performed either after our Cyber Security Awareness Training or both before and after it (so you can measure improvement).

After a each activity has been run, you will receive a report on the emails, including which links were clicked by which users, etc. for further training and issuing notifications to users.

Phishing Types

  • Classic Phishing Campaigns

    The simplest form of testing your users’s awareness of phishing is to launch a classic phishing campaign using not targeted templates (Amazon, Barclays, LinkedIn, etc).

  • Spear Phishing

    A spear-phishing campaign is typically harder to spot as it will tailored towards your organisation in the same way as a more targeted attack by a criminal.

  • Whaling

    A whaling attack is similar to a classic confidence scam in that it engages with specific individuals to trick or coerce them in to doing something – usually a monetary translation – they wouldn’t normally do.