Showing posts from February, 2019
Phishing Security

Phishing is a form of a scam in which a  user is tricked into clicking on a image or link with the intention to have some form of information stolen.  Unfortunately, phishing is often a successful way for an attacker to compromise a victim because it exploits the human element, which is considered to be the weakest link in an IT security program.

One of my jobs as a security professional is to improve that defense by training users on how to be more aware of scams.  To do this, we run simulated phishing campaigns that attempt to "trick" the user into clicking a link.  The purpose of this exercise is to make the users aware of what a scam might look like and give the tools and knowledge to identify real scams.

This is an example of an upcoming phishing test that I am working on at work.  The image will be embedded in the test phishing email and it will entice the user to click on a link for more information.  If the user does not click on the link, then they…