Phishing is one of the most common ways attackers infiltrate accounts. It can be extremely effective, and much easier for malicious people to gain access than trying to hack the account themselves. We have mentioned in this blog that users are still the weakest link in a company’s security plan, and that continues to be the case. Proper training on how to spot a scam is an essential piece to the puzzle that many companies are lacking.
PhishMe is a company that started over 6 years ago to help companies protect themselves from phishing scams. The company trains employees to recognize a scam, help them to not fall for it, and then report it so the company can remove the email from the other inboxes on the network to make sure others don’t fall for it as well. This week PhishMe announced that they are now going to release a free phishing testing tool for companies with 500 employees or less.
The new tool called PhishMe Free is a cloud service that’s a subset of their enterprise product, PhishMe Simulator. It isn’t as robust as the full version, but can provide some adequate training to employees for smaller companies that cannot afford a full solution.
The service will send phishing emails that are similar to ones currently being circulated, and the administrator of the tests can change the emails to fit their needs. When an employee falls for one of the test emails they will receive a message letting them know that they just fell for a phishing email and offer some additional training to help them recognize phishing scams better in the future.
This service seems like a great way to help employees with no cost to the company, and would definitely be worth a try!