At the Security Factory, we are partnered with Phished.io since the early beginning. We asked the CEO Arnout Van de Meulebroucke five questions about phishing training. Five takeaways, that discuss the essence of phishing simulation in organizations.
Why is phishing training so important? To be honest, it’s mostly because lots of organizations protect themselves with expensive firewalls and spam filters, which are all great of course. However, they fail to recognize the single largest cause of significant cyber incidents: the human factor. The essence of cyber awareness training is basically making people aware of the risks that are associated with having an online presence in a safe environment. Once your employees are aware what these risks are, then they will be able to successfully act upon potential threats aimed at your organization (or the employees themselves in their private lives).
What makes using AI technology in Phished so beneficial? For every employee that is added to our platform, the system automatically creates a dedicated profile. That profile tries to get to know the individual based on their interactions with our training content (both simulations and academy). From the moment, that the profile is established, our platform will proceed to make a dedicated training specifically aimed at that person. It’s a never ending process, and the profile evolves along with the person being trained, and that’s in my opinion one of the most beneficial aspects of our platform.
What type of phishing mails are generally the most successful? Usually, we tend to see that spear phishing mails are really successful within organizations. Spear phishing emails target people using senders (or from addresses) that the recipient should know, for example their boss or colleague. The recipient will have a higher confidence level in the email and is much more likely to interact with it due to the fact that he thinks that he knows the sender. When we use this principle during one of our first campaigns, the success rate (or should I say fail rate?) is often higher than 50%.
Should I act on every phishing mail I receive on my company email? Ideally, yes. You should report the phishing mail to your IT-department so that they can take the necessary actions to remove it or block it from your systems. While sometimes they may be very evident for you to recognize, some of your colleagues might not recognize it as easily as you do. Therefore it’s essential that the IT-department can take preventive action and protect your organization.
Can a company reduce his phishing failure rate to 0%? It’s a very difficult question to give a proper answer to. In an ideal world, it should be possible, yes. However, in the real world, you’re still working with people. People tend to make mistakes occasionally and therefore a phishing failure rate of 0% is quite difficult to achieve and especially to maintain.
This website uses cookies to improve your experience. We process cookies to display the website and measure the preferences of our visitors. You can choose to accept or refuse the use of cookies. Refusing analytical cookies has no impact on your user experience.
You can change your cookie preferences anytime via the 'preferences' button.
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
_GRECAPTCHA
5 months 27 days
This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-advertisement
1 year
Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent
1 year
Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Cookie
Duration
Description
bcookie
1 year
LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie
1 year
LinkedIn sets this cookie to store performed actions on the website.
lang
session
LinkedIn sets this cookie to remember a user's language setting.
lidc
1 day
LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory
1 month
LinkedIn sets this cookie for LinkedIn Ads ID syncing.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Cookie
Duration
Description
_ga
2 years
The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_UA-51190277-1
1 minute
A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gid
1 day
Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Cookie
Duration
Description
_fbp
3 months
This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
