Skip to main content

Attackers will always look for the easiest way into your system, and this way is often through your employees. By sending malicious emails, SMS or other messages, criminal actors can achieve a way into your systems. It is therefore essential for a company to have good routines and training in how to handle this type of social manipulation.

 

How secure are you?

To measure the level of information security in a company, a real phishing attack can be simulated, where personalized emails are sent to targets in your company, and the number of clicks and logins are stored and analyzed. In this way, you can find out how resistant your company is to different types of targeted attacks. This provides information about which areas you should work on to improve your security culture.

Kristiansand Municipality experienced the nightmare when two stolen user accounts led to 5 million spam emails being sent across Norway. Read about their hard-won experience and why they chose to conduct a phishing exercise for all employees afterwards.

Under attack?

Netsecurity's Incident Response Team provides you with the expertise and assistance you need to quickly establish normal business operations in the event of a security incident.
security_icons-11

How to avoid being tricked by a hacker

Our ethical hackers have conducted phishing exercises with a number of companies. Here are some of their tips on what you should pay attention to in order not to get scammed:

  • Look at the language in the email - are there lots of weird typos or unprofessional language?
  • Look at the content - is it an email from a colleague, but the content seems a bit odd? Don't reply back to the email, instead call your colleague on the phone to double-check
  • Consider the context - does it seem strange, ask IT or a colleague for a second opinion
  • An attacker often uses threats, urgency and the like to make you stressed - breathe with your stomach and read the email again
  • If you are sitting on a desktop PC, hover over the link and you will see the actual URL the link leads to
  • Look at the email address - does it look right?
  • Take a look at the signature - is it real?

This is covered in a phishing exercise

Our ethical hackers have conducted phishing exercises with a number of companies. Here are some of the points we cover in such an exercise:

  • Customized email attack
  • Customized fake website
  • Email attacks with malware
  • Collection of login details
  • Analysis of details from campaigns
  • Annual wheel with several campaigns of different levels of difficulty
  • Password verification, where it is verified whether passwords have been changed afterwards
  • Anonymous report, or with details as desired
  • Advice and assistance in safety awareness training

Do you want to test your company's security awareness?

More and more companies are conducting phishing drills on a regular basis to keep employees aware and updated on the threat situation.

Our security experts are happy to help you conduct a phishing exercise. Give us a call or get in touch using the form below, and we'll show you how to proceed.

Jens Elmholt Birkeland

Jens Elmholt Birkeland

+47 920 23 456
jensb@netsecurity.no

Get in touch with us:

Oslo

Drammensveien 288

0283 Oslo

Bergen

Sandviksbodene 1

5035 Bergen

Stavanger

Kanalsletta 4

4033 Stavanger

Grimstad

Bark Silas vei 5

4876 Grimstad

Kristiansand

Dronningens gt 12

4610 Kristiansand

Trondheim

Krambugata 2

7011 Trondheim

Stockholm

Kammakargatan 22

111 40 Stockholm