Cybersecurity Case Study
The IT world is increasingly confronted with semantic network attacks targeting humans. Among those attacks, one of the most common threats is phishing. This case study shows how awareness-raising measures in the context of a phishing simulation can sustainably improve email using behaviour.
Case study shows: phishing simulation improves protection against cyberattacks
Cybercriminals carry out phishing attacks by using fake emails or websites in order to obtain sensitive data. For companies in particular, this type of attack poses a massive threat. In the case of an anonymised corporate client (GmbH), a phishing training for the employees, the staff representatives, two data protection officers, and the IT department took place in two mailings.
Among other things, three spear phishing emails were sent out in the phishing training mailing. One of these emails supposedly originated from the management. Another email supposedly came from the finance department.
The subsequent assessment showed astonishing results. The training that followed enabled the employees to better recognise phishing attacks and act accordingly. This contributed significantly to increasing the company’s security level and minimising the danger of phishing attacks.