What’s involved in a phishing exercise?

1 Custom campaign built, based on your organizational needs

Our team curates phishing testing scenarios based on 3 levels of sophistication. In many cases, organizations may opt to run a program that covers all three levels for a specific group of users.

  • Green tag with a hook through it featuring an anonymouse person/contact icon
    Fundamental
  • Blue tag with a hook through it featuring an anonymouse person/contact icon
    Intermediate
  • Pink tag with a hook through it featuring an anonymouse person/contact icon
    Advanced

2 Monitor interaction with campaigns

Our ethical hacking team monitors not only the level of interaction with phishing emails but also the level of reporting of suspicious activity. This is to understand whether recipients know what to do in the instance that they observe a phishing attack. 

3 Present findings

Once our phishing exercise is complete, a comprehensive report is prepared for the organization outlining the statistics from the campaign and highlighting the security issues uncovered.

The findings are assigned a risk rating and evidence is provided to validate all findings. Best practices are shared to assist you in resolving issues and to help you develop an awareness program for your users. 

4 Carry out awareness training

Where requested, Advantio can develop an awareness training program to support the findings of the test. This is fully customizable to the organization and is delivered by the Advantio ethical hacking team.

Benefits of carrying out a simulated phishing exercise

  • Test your security and improve your defenses
  • Identify high-risk areas that could lead to compromised systems
  • Prepare your organization for a cyber-attack attempt
  • Familiarize your team with the skills needed to detect and respond to an attack
  • Decrease your chances of being victim to a ransomware or malware attack
  • Evaluate the effectiveness of your security awareness program
  • Reduce the risk of exposure to data loss, financial fraud, and embarrassment

Testing is conducted at 3 levels of sophistication:

Green tag with a hook through it featuring an anonymouse person/contact icon

Fundamental
Phishing Campaign

Phishing emails of a common sophistication seen within the industry are sent to users and their responses are reported on. These emails take the form of widespread industry phishing types that employees may be susceptible to within their roles.

Blue tag with a hook through it featuring an anonymouse person/contact icon

Intermediate
Phishing Campaign

More elaborate email phishing templates are used to test employee detection skills. These templates are more technically complicated with the aim of being more difficult to spot than the classic common phishing emails.

Pink tag with a hook through it featuring an anonymouse person/contact icon

Advanced
Phishing Campaign

Uses ‘spearphishing’ to test a small number of staff with targeted emails created specifically for them based on knowledge collected by our ethical hacking team. We aim for as much personal info as possible to further infiltrate your organization.

Next Steps

Green_Contact
Contact our Team

First step to your phishing campaign

DarkGreen_Shield
Why Advantio

Your trusted security partner