Phishing simulation

How susceptible are you to phishing?
Try a simulated phishing attack and find out

We work with you to devise a range of scenarios, building a series of personalised phishing emails to target specific groups within your organisation to determine the susceptibility of your people to this type of cyber risk.

Typically, the emails will invite recipients to take certain actions, such as giving away sensitive information or downloading malicious payloads allowing unauthorised access to your environment.

Phishing, spear-phishing and whaling

The dark web is made up of digital communities that sit underneath the internet. While there are legitimate purposes, it is estimated that over 50% of this type of site is used for criminal activities.

Sometimes referred to as the ‘underbelly of the internet,’ the dark web is a shrouded area, hidden from search engines and only accessible with a specialised web browser. It also masks IP addresses, which essentially allows fraudsters to operate undetected to commit crimes, including identity theft.

Take the right mitigation steps

There is no single solution that can protect against all possible attack vectors. However, you can take steps to mitigate the most common forms of attack. Statistically, these attacks are most likely to leverage passwords compromised on the dark web or leaked due to human error, often a result of phishing attacks or a lack of awareness around security best practices.

Phishing simulation process

  • Creation of easy, medium and difficult templates, so as to scale training
  • Identify existing security awareness
  • Training can be built into landing pages

The goal of a simulated phishing attack is to trick an individual into disclosing personal or corporate information through social engineering, email spoofing and content spoofing efforts.

For example, we may send the victim an email that appears to be from a trusted source, including links back to a customised malicious website that has been created especially for the attack.

Our emails and websites can be highly personalised and customised, incorporating the target’s name, job title or other relevant information.

Cognisys presents its findings in a comprehensive yet simple report format. This typically comprises of an executive summary, methodology, technical findings, and prioritised recommendations for remediation.

  • Understand how to better defend your organisation using a layered defence approach.
  • Provide cyber security awareness training for your employees.
  • Build an effective cyber threat reporting culture, with a ‘no-blame’ approach for maximum uptake, throughout your organisation.

Let’s make things happen

Fill in the form and one of our team will be in touch for a no-obligation discussion or quote regarding your requirements.

info@cognisys.co.uk
Leeds office

5 Park Place
Leeds
LS1 2RU

info@cognisys.co.uk
London office

131 Finsbury Pavement
London
EC2A 1NT

LET’S TALK

RECENT UPDATES

Understanding internal vs. external penetration testing: which is best for your business?

TIPS

Understanding internal vs. external penetration testing: which is best for your business?

In this blog, we will help you understand the differences between internal and external penetration testing and how to choose the best approach for your industry.

Overview of Pulsar Group's platform

CASE STUDY

Friendly people, unfriendly projects: Pulsar Group’s pen testing journey

Learn how Cognisys’ penetration testing services and SmartView portal helped Pulsar Group manage their security assessments more efficiently.

EarthID team celebrating with an award for their cyber security achievements

CASE STUDY

Enabling EarthID to achieve highest standard of cyber security

Learn how EarthID’s identity platform became secure with our penetration testing services.