Search
Close this search box.

Are you the victim of a security incident? Contact our CERT

Expertise

Phishing campaign

A personalized phishing campaign:

  • Make your users contributors to the IS protection, and test their reaction to an attack attempt.
  • Accustom users to suspicious e-mails, who will learn by example how to detect them and develop reflexes that will help you protect yourself from attacks.
  • Measure the current level of employee awareness of information system security, and increase their level of vigilance.

Our offer

Preparation

  • Validate objectives, target populations, messages and associated scenarios
  • Technical preparation: set up configurations
  • Scenario creation: agree on the elements to be transmitted and the communication channels, establish the project schedule

Execution

  • Trigger the phishing campaign according to the scenario and timetable established in the preparation phase.
  • Ensure that the campaign runs smoothly. Make any necessary adjustments to messages as soon as possible.
  • Monitor recipients’ behavior (recorded), to form the basis of final dashboards

Restitution

  • Assess employee awareness of phishing attacks.
  • Present dashboard.
  • Analyze campaign results and make recommendations to the customer.
  • Advise customers on how to set their own objectives.

Examples of personalized campaigns

Internal contest

To support the morale of employees, your Management offers them to win watches produced with a partner (or other object that makes sense to your business)

HRIS software data leak

Communication with users about an incident that led to the leakage of employee data from HRIS software

Internal press release on Covid-19

Internal press release to inform you of the new measures adopted by your company to ensure the survival of the group and limit the economic impact of the crisis

Making the campaign credible
Campaign mechanics
  • Adapting the scenario to your business
  • Use or mention of relevant contacts
  • Use of a customized domain name
  • Home page customization (logo, etc.)

1. Receipt of a personalized phishing e-mail inviting you to connect to a website

2. Opening the link to a home page with an authentication form
1st indicator: link open rate

3. Enter login information
2nd indicator: login rate

4. If the victim completes and submits the form, an error page is displayed.
Information entered is not stored

Find the content of this page in PDF format:

Would you like more information about this offer?

Almond commits itself to ensure that the collection and processing of your data, carried out from the site https://almond.eu/, are in conformity with the General Data Protection Regulation (GDPR) and with the modified law n° 78-17 of January 6, 1978, relating to the protection of personal data. The information collected on this form is recorded in a file computerized by Almond, in order to answer the requests for information. You can access the data concerning you, ask for their correction or their deletion. You also have a right of opposition, and a right to limit the processing of your data (see cnil.fr for more information on your rights). You can exercise your rights by contacting Almond's Data Protection Officer at the following address: [email protected]. Your data will be kept within the European Union, in accordance with the regulations in force.