The main objective of our phishing campaigns is to raise user awareness of the threat posed by this kind of attack. We should know that a large percentage of cyber-attacks suffered by companies are carried out through phishing by e-mail. This is how cybercriminals infect systems with different types of Trojans and ransomware.
The primary aim is to evaluate the level of awareness and training of the company's employees regarding this type of threat, which may lead to theft of confidential information, installation of ransomware, Trojans, etc.
Subsequently a report containing the obtained results will be provided, with threats classified according to their seriousness, and a proposal of solutions to mitigate or reduce the risks of this type of threats.
Phishing campaign methodology
The phases of the exercise are as follows:
1. Impersonation of the portal that the client has chosen to carry out the theft of credentials.
2. Dispatching of phishing emails to get employees to enter their credentials in the portal.
3. Study and analysis of the data collected for the drafting of the report including proposed solutions.
The approximate duration of the exercise will be between one to two weeks.