Go Phish Yourself!

Phishing HookNot trying to be rude here.  Phishing has become the most prevalent form of cyber-attack, and the reason for that is that IT WORKS!  It works because most people are very trusting and easily convinced, and are clicking on links and opening attachments without much concern.  It also works because most people have not been trained how to recognize a potential phishing message, and how to verify if the email is legitimate or a phishing scam.

Maybe the solution is to phish your own staff in order to see what happens.  The bad guys sure are.  They are phishing your staff every day, many times per day.   The good news is that a company called Duo Insight is offering a way to run phishing exploits against your staff as part of your cybersecurity awareness training program.  The best part is that it is free.

A quick look at the website makes it seem pretty straightforward to set up and account and get a  phishing test created and ready to run.  I haven’t had an opportunity to use this tool yet, but I am looking forward to giving it a try.  I’ll be sure to circle back around and let you know how it worked.


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.