Phishing Security

Phishing is a type of scam in which a user is tricked into clicking on an image or link so that an attacker can steal some form of information. Unfortunately, phishing is often a successful way for an attacker to compromise a victim because it exploits the human element, which is considered to be the weakest link in an IT security program.

One of my jobs as a security professional is to improve that defense by training users on how to be more aware of scams. To do this, we run simulated phishing campaigns that attempt to "trick" the user into clicking a link. The purpose of this exercise is to make the users aware of what a scam might look like and give them the tools and knowledge to identify real scams.

This is an example of an upcoming phishing test that I am working on at work. The image will be embedded in the test phishing email and it will entice the user to click on a link for more information. If the user does not click on the link, then they have successfully passed the test. If they do click on the link, then they will be taken to a screen that will show them telltale signs of why this particular email was a fake.

