Cyber attacks are increasingly prevalent, especially targeting the SME sector which often has poor IT security and lacks monitoring. Along with this, there is another factor that many consider to be the biggest security gap – employees. 91% of all cyber attacks start with an email, just over 30% of attacks result in user data being leaked as many do not distinguish legitimate and malicious emails.
To increase cybersecurity awareness among employees, we conduct simulated attacks using Microsoft’s Defender tool to challenge employees and collect results on behavior related to the attack.
1. Email
Users receive an email with content produced by Zelly. In the future we will call the content “Payload”.
2. Reaction
Based on the type of Payload produced and the tactics used, the user reacts to the email and potentially clicks on/downloads the malicious material which prompts further action by the user to hijack data or spread malware.
3. Evaluation
The simulation runs for 5 days, Zelly calls a follow-up meeting about the results. Where IT managers and business management get an insight into how aware their users are when it comes to detecting malicious emails, attempts to steal data or other ways to contribute to damage to the company.
4. Training
Users can then receive short, interactive training sessions that, for example, show users what to look for when an email looks suspicious.
Standardized Payloads
Mass-market phishing/malware payloads created by Zelly.
Simulated only against all users or specific department
Customized Payloads
Zelly, together with the customer, analyzes the systems used
to create Spear-Phishing Payloads that mimic work processes.
Simulated and divided into several specific departments or users.
