The Challenge

Phishing is a criminal strategy employing both social engineering and technical deception in order to steal personal, identity and financial data. Social engineering schemes usually use hoax e-mails claiming to be from legitimate businesses and lead recipients to counterfeit websites. These sites are designed to trick individuals into disclosing sensitive data including usernames and passwords.

While several solutions are available to protect from technology attacks, the two most vulnerable areas remain the people and process. A strategic Phishing attack specifically targets these two areas. Attackers are well aware that these are the most difficult zones to guard.

Imagine mimicking a Phishing attack within your organization and measuring how your people and process respond. Based on the findings, you could design remedial measures to alleviate Phishing risks, educate people and modify processes. The process would reduce the risk of a genuine, future attack.

Aujas Phishnix

Aujas Phishnix is an automated tool installed internally within the organization, tailored with information about people, processes and technology. A customized Phishing attack is then launched at the target audience and Phishnix tracks their responses. Social behaviors towards the attack are analyzed and a detailed report is then generated.

Aujas Phishnix provides statistics on user behavior, measures security awareness among employees, identifies data leakage, assesses Data Loss Prevention (DLP) programs and tests the incident response program.

When the test is over, a personalized e-mail is sent to each individual, informing him or her about their responses and what should be the ideal action. In addition, an e-learning module further educates the user on security awareness.

Organizations can diagnose risks for specific divisions as well as for their entire business. Ongoing compliance can be monitored within the risk management framework.