Protect Your Organization With Human Firewalls

We all see at least one or two phishing emails a week. The Nigerian Prince emails started it all nearly a decade ago by promising the email recipient vast wealth for helping retrieve an alleged inheritance. This phishing scam caused annual losses of millions of dollars. While most of us simply laugh at these emails and can see right through the scam, there are those who are naive and fall for them.

Phishing attacks have significantly increased over the past decade and are now more sophisticated and seem more real than previous attempts. These con artists are very successful and continue to churn out scam after scam while raking in millions of dollars.

According to Info Security, Kapersky’s Labs products “blocked 51 million attempts to open a phishing page.” This was only in the 1st quarter of 2017. The same report found that 1 in 8 attacks targeted a financial services organization.

Additionally, since these emails are coming from seemingly legitimate email accounts, they are passing through spam filters, at least for a bit.

The statistics are indeed interesting. But how do you protect your organization from these phishing attacks that seem to slip through spam filters? If you are like many organizations you always have that one person that opens everything, despite your best attempts at trying to educate your users to be alert and suspicious.

How do you train a human firewall? You already have a firewall, spam filter, web filter, but how do you train your human firewall?

Barracuda has recently purchased PhishLine. Phishline fights phishing with continuous simulation and training. It trains employees to understand the latest attack techniques, recognize subtle clues, and help stop email fraud, data loss, and brand damage. How does PhishLine achieve success?

PhishLine provides patented, highly-variable attack simulations for multiple vectors, including phishing (email), smishing (SMS), vishing (voice) and found physical media (USB/SD card). Plus, one can use multiple simulation templates in a single campaign, to conduct hypothesis-based A/B tests and prevent users from receiving duplicate mock phishing templates. With PhishLine, you train your employees to recognize threats from multiple sources and test them the way an attacker would.

PhishLine’s simulation and training content is easy to use and is fully customizable. You get a wide variety of materials: Choose from hundreds of easy-to-use simulation templates, landing pages, risk assessment surveys, and engaging multi-lingual training content in the online PhishLine Content Center Marketplaceā„¢. Materials can be used individually or integrated into simulated phishing and social-engineering campaigns. New simulation and training content is added daily, to reflect the most recent threats and training resources available to help protect your business.

PhishLine lets you deliver training as soon as the need is identified, using a built-in workflow engine. For example, you can use a landing page for in-the-moment training when someone performs an unsafe action as part of a mock phishing campaign. You can also send training invitations to specific employees based on their past actions and risk profile. Plus, you can schedule training invitations and post on-demand training on your intranet.

PhishLine makes it easy for employees to instantly report suspicious emails to your help desk or incident response team. The built-in Phish Reporting Button is a simple, powerful solution that gives you complete control over the entire process at all times.

PhishLine trains your human firewall. Additionally it can identify human risk factors in a non-threatening manner, and protect your business with updated content that guards against the latest threats.

It is up to you whether or not you publically call out employees that fall for any of your fake phishing scams. Although it is quite fun to do so!

There you go! A human firewall training program that will keep your employees alert and aware of phishing scams. If you would like more information or a demo, visit our Barracuda PhishLine page and fill out our form.