Security Awareness Training and Simulated Phishing Platform
Helps you manage the problem of social engineering
Old-school security awareness training doesn't hack it anymore. Today, your employees are frequently exposed to sophisticated phishing and ransomware attacks.
Baseline Testing
We provide baseline testing to assess the Phish-prone percentage of your users through a free simulated phishing attack.
Train Your Users
The world's largest library of security awareness training content; including interactive modules, videos, games, posters and newsletters. Automated training campaigns with scheduled reminder emails.
Phish Your Users
Best-in-class, fully automated simulated phishing attacks, thousands of templates with unlimited usage, and community phishing templates.
See The Results
Enterprise-strength reporting, showing stats and graphs for both training and phishing, ready for management. Show the great ROI!
Best Practices for dealing with Phishing, Spoofing, and Spam emails
Phishing and Spoofing emails and text messages tell a story to trick you into clicking on a link or opening an attachment.
Here are some ways to spot them. They may:
- say they’ve noticed some suspicious activity or log-in attempts.
- claim there’s a problem with your account or your payment information.
- say you must confirm some personal information.
- include a fake invoice.
- want you to click on a link to make a payment.
- say you’re eligible to register for a government refund.
- offer a coupon for free stuff.
Ways to tell if an email is a phishing attempt include:
- The “voice” of the sender doesn’t sound like them (would your CEO use those phrases?)
- The email is poorly written or has bad grammar.
- You do not have an account with the company.
- There is a suspicious attachment (NEVER open it!).
- The web and email addresses do not look genuine.
- There is a sense of urgency or immediacy to the request.
It’s common that a phishing email will come from an address that appears to be genuine. Criminals aim to trick recipients by including the name of a legitimate company within the structure of email and web addresses. If you only glance at these details, they can look very real. If you take a moment to actually examine the email address, you may find that it’s a bogus variation intended to appear authentic ‒ for example: @mail.airbnb.work as opposed to @Airbnb.com
Malicious links can also be concealed with the body of email text, often alongside genuine ones. Before clicking on links, hover over and inspect each one first. If you aren’t sure, use the “Phishing” button in Outlook to report a message, or send us a message at support@bssconsulting.com.
