Coronavirus and phishing
Phishing attacks are quick and easy to implement and deliver an enormous return on investment, which motivate criminals to craft increasingly sophisticated and creative phishing ‘lures’. Malicious attackers are now sending phishing emails and creating fake sites that play on fears related to COVID-19. IT Governance’s testing service offers the chance to assess how your staff respond to these attacks.
This will be carried out in a controlled manner so it does not affect your business in these troubling times. The test will be delivered remotely and can be applied to both staff in the office and those working remotely.
The service applies to organisations with up to 250 staff. It can be delivered to organisations in any sector or industry.
Test how your staff respond to coronavirus-based phishing attacks
This simulated attack will enable you to see how vulnerable your organisation is to phishing attacks – particularly those related to coronavirus – and will include a detailed report on how to address the issues found.
This controlled attack includes:
- A consultation to determine the extent of the phishing simulation;
- A scoping plan to target IT users of your choice, whether based at home or in the office;
- The simulated phishing attack; and
- A report including full analysis of your vulnerabilities.
Our service offering
- A detailed consultation to identify the depth and breadth of the tests required, with careful scoping of the test environment to establish the exact extent of the testing exercise.
- A range of manual tests conducted by our team of highly skilled penetration testers using a methodology closely aligned with the Open Source Security Testing Methodology (OSSTM).
- A series of wireless surveys of the scoped environment, with automated and manual identification of vulnerabilities.
- Immediate notification of any critical vulnerabilities in order for you to take action quickly.
- A detailed technical report that details the identified vulnerabilities (ranked in order of significance).
- A list of recommended countermeasures to address any identified vulnerabilities.
- An executive summary that explains in business terms what the risks mean