Companies test staff with fake phishing emails

Companies like Twitter are testing their cyber security by sending employees fake fishing emails.

“New employees fall for it all the time,” said Twitter postmaster Josh Aberant.

A recent Verizon report revealed many phishing breaches are because of human error, and 18 percent of users will visit a data-compromising link in a phishing. Another report by the non-profit Online Trust Alliance found 90 percent of breaches sent in the first half of 2014 were preventable, and more than a quarter were caused by employees, often by accident.

Security firms like Wombat Security and PhishMe will send test phishing emails to a company’s staff. Indistinguishable from real phishing attempts, these emails link to a web page explaining the test and offering tips on recognizing suspicious messages.

Workers “take it very personally” when they fall for it, said Wombat CIO Randy Withrow. “They become apologetic and wonder, ‘how did I miss it?'”

Copyright © 2017 Transcontinental Media G.P.
Transcontinental Media G.P.