Simulated Phishing Attacks…What Are They Used For?
What is "simulated phishing?"
Well, let’s start by saying that phishing is a way of contacting someone by posing to be someone else, usually in the form of an email, text message or even phone call.
But what is "simulated" phishing? Organizations use simulated phishing attempts as a way of identifying employees that may require additional training. Unlike your average phishing attacks, simulated phishing attempts are perfectly safe. They are designed to look like real phishing emails or even text messages. Nothing bad happens if a user ‘falls’ for it.
The idea is if employees fall for a simulated phishing attempt, they will likely fall for a real phishing attack from the bad guys, so this gives organizations the opportunity to retrain the individuals that fall for the simulated attempt.
Because you won't "really" know if your employees will click on a bad link or not unless you actually test them.
If you have questions about testing and/or training your employees, contact us!