PHISHING LAYER 8: THE HUMAN LAYER

The cyberattack bypassed all other layers on the network, and it now sits with you— the human layer.

Can you identify what’s wrong with this picture?


If you’re not paying attention, it’s just another Microsoft Teams login for that meeting you’re running late to. You just received the reminder and hurriedly enter your credentials. Surprise! You’ve just become a victim of phishing.

Do you know anyone like this? Would they immediately fill in the form with their credentials and invite code that just arrived in their inbox? While running late to an online meeting, would they notice the bad URL and realize that someone is trying to steal their credentials? There is a pretty good chance they would not notice and fill in the requested information

Humas are the weakest link of any corporate security strategy.

Using phishing attacks, hackers prey on humans because we are the weakest link. We think the network and end-points are secure enough, so we don’t need to worry. That couldn’t be further from the truth.

According to Terranova Security, over 25% of phishing email recipients (ahem… humans) click on links inside phishing emails, and over 60% of those clickers (again… humans) submit data on pages similar to the image above. This is exactly why phishing has become the #1 attack threat vector. Humans are very likely to fall for these tactics!

The FBI received over 240,000 complaints for various phishing-type of attacks in 2020, which is over 200% more than 2019. Between phishing and other related email attacks, the FBI estimates losses exceeded $1.9B in 2020. 2021 is expected to be even worse.

Becoming a truly security-conscious organization

One way to help combat these increasing attacks is to implement regular phishing awareness testing to identify employees who are clicking phishing emails and submitting sensitive data. Libraesva PhishBrain provides an intuitive interface for administrators to coordinate recurring phishing campaigns aimed at targeted groups inside the organization. Simply populate a list of targeted mailboxes, including directly from Microsoft 365 or Google Workspace, choose from one of many modern and realistic phishing templates and landing pages, and set the timeframe for sending, reporting, and future recurrence. That’s it!

After each campaign, clearly see who poses the greatest risk for leaking data so appropriate action may be taken, such as record-keeping, training, and ongoing testing. PhishBrain will continuously update the risk score to provide up-to-date risk profiles for each targeted mailbox. Quick. Simple. Informative

All organizations, large and small, can benefit from implementing phishing awareness testing, and Libraesva PhishBrain has been engineered so that every organization has it within reach.

We’ve even made it free for teams with 5 mailboxes or less, so even the smallest teams can begin their phishing awareness journey with no cost or commitment. Sign up today and start testing immediately!

With Libraesva PhishBrain, you are one step closer to becoming a truly security-conscious organization.