- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
Phishing test emails to employees
Posted on 11/21/19 at 12:49 pm
Posted on 11/21/19 at 12:49 pm
My IT company recommended that we upgrade our services that we currently have with them to a bucket of other items that are a little more high tech than we need. One of the items included in this bundle was a phishing test email that would be sent out to employees randomly to determine our risk (aka idiots) that would open the email. I thought this was a nice feature but i'm not going to pay for the upgraded features just to get this. Does anyone have any suggestions on how I could accomplish this on my own to test our employees?
6
Posted on 11/21/19 at 1:00 pm to hawgndodge
This provides me no data whatsoever to track who is opening the email. That is what I need, the data so I can train the employee properly on what to look for. We have trained them in the past but being able to determine who is clicking malicious links would help me in continuing education.
Posted on 11/21/19 at 1:08 pm to CHiPs25
You simply embed the email address in the url you sent... or add a tracking ID... it will show up in the access log of the server...
My 14yo granddaughter could teach you how.... granted she's had the benefit of a good teacher.
My 14yo granddaughter could teach you how.... granted she's had the benefit of a good teacher.
Posted on 11/21/19 at 1:29 pm to CHiPs25
We use this outfit KnowBe4. Lots of training videos, posters, etc. You set up "campaigns" to send faked phishing emails (over 3700 to choose from in 40+ categories) to your employees. Responses are tracked so you know who your clickers are. If they do click there are a number of landing pages you can use that point out the error of their ways. Can't recommend these guys enough. This week's "Current Event of the Week" is a phish supposedly coming from Disney+ offering special pricing, extremely realistic looking.
Posted on 11/21/19 at 1:29 pm to dakarx
quote:
My 14yo granddaughter could teach you how.... granted she's had the benefit of a good teacher.
Posted on 11/21/19 at 1:35 pm to alphamicro
KnowBe4 is the best in the business at this. Started by former world class hacker, Kevin Mitnick.
Posted on 11/21/19 at 1:38 pm to Stexas
The OP wants to know how to do it... simply explained how and at the same time trying to help my granddaughter add to her college fund. As for her teacher, he was fortunate enough to have a good teacher as well.
Posted on 11/21/19 at 3:12 pm to CHiPs25
quote:
bucket of other items that are a little more high tech than we need
depending on what sector you are in, you might be mandated to check off some of these things and they are covering your arse..I tried working for a local MSP a few years back and couldn't do it because smaller places thought they didn't need everything suggested...They usually need it the most as they're essentially hard targets
No one tries to hack Regions when they can hack Denham Credit and still get access to the Fed
Posted on 11/21/19 at 5:42 pm to GrammarKnotsi
I know you said “idiots” in the OP, but our company’s last few phishing test emails have been super realistic. I consider myself fairly intelligent and conscious of this threat, but I’ve been very close to clicking the links as it was very convincing and relevant.
Posted on 11/21/19 at 6:08 pm to CHiPs25
Turn their sound all the way up. Process of elimination
Posted on 11/21/19 at 6:25 pm to hawgndodge
We get these from our Corp. office. They are so easy to spot.
Posted on 11/22/19 at 6:22 am to CHiPs25
Why not just have the link go to a dummy website that logs any IP addresses's that go to the site?
Posted on 11/22/19 at 7:02 am to CHiPs25
Do you not have a marketing department that is sending out email to customers? If so they are probably using a service that already has all of this tracking built in. Get them to set up an internal campaign for you, unless of course you suspect them of being the weak link you want to test.
Posted on 11/22/19 at 7:06 am to CHiPs25
We do this, and I have been caught a few times. It isnt for idiots. The phishing company will send you invoices that need approved, and then scream "gotcha mofo."
Page 1 of 1
Back to top
Follow TigerDroppings for LSU Football News