Hosting provider UKFast has launched a new platform to better protect businesses from phishing attacks through specifically designed testing and education.
The ‘Phishing as a Service’ platform allows employers to launch pre-built phishing campaigns to specific employees, departments or a geographic locations.
The campaigns replicate some of the most commonly seen and most successful phishing attacks, including fake emails from the likes of Twitter, PayPal or even from individuals internally within the business.
The programme then provides a breakdown of which users opened the email, clicked the links and submitted data via the faked landing pages.
Training materials and modules can then be delivered to the employees that fail to identify the emails as malicious.
“Phishing is the place that most hackers start if they want to launch targeted attacks against a company,” explained UKFast CTO Neil Lathwood.
“It’s proven to be one of the best ways to gain more information from high-level employees, who tend to fall for it a lot.
“They are also the ones most likely to hold critical data.
“Often the employees that you’d expect to be savvy about phishing attacks are the ones who leave the door open.”
Lathwood said that phishing attacks are becoming more inventive and sophisticated as hackers create fake email chains with apparent conversations between board members.
“The victim is then copied in at the end, with the supposed board members asking the employee to take an action, whether that’s inadvertently uploading a malicious file by clicking a link within the email or making a payment to a bogus account,” he said.
“It’s always the human element that is the weakest link in the chain. Phishing as a Service gives businesses the facility to test that link without incurring significant damage.”
More than 150 million phishing emails are sent every day. Of the businesses and charities that suffered a cyber-breach or attack in the last year, 80 per cent identified a phishing attack as the likely cause, making it the most common type of attack.
Find out more about phishing attacks and how to protect your business in UKFast’s blog.