TraceSecurity has released a cloud-based tool that simulates social engineering to help protect customers from phishing schemes and other advanced persistent threats. The new TraceSecurity Phishing Simulator was designed to mimic real-world social engineering attacks.
The cloud-based tool then tracks results to analyze employee actions and determine if the organization is at risk to social engineering attacks. One of the biggest threats to organizations, as well as people in general, is socially engineered attacks, but with this tool, TraceSecurity aims to help organizations identify their vulnerabilities within minutes.
"Deploying a simulated phishing attack against groups of employees not only tests their willingness to click on an unsolicited email, but also determines if they are apt to download potentially harmful code onto company resources," said Jim Stickley, TraceSecurity CTO, in a prepared statement. "Malicious messages often contain malware that, when activated, can easily infect an entire network, which is why we developed Phishing Simulator. We believe every organization should, at a minimum, test a few employees and see how they do."
A fair point, for sure. It's not easy to test for social engineering, and anything that can help mitigate potential threats, especially when people are involved, can go a long way toward ensuring a company's security. Let's face it—a good number of us have at one time or another fallen for a scam simply because we look for the best in people, even complete strangers. At the same time, that can be a costly mistake, particularly for companies that have proprietary and sensitive data to protect.
As TraceSecurity pointed out, it takes only a single employee to fall victim to a phishing attack to put an entire organization at risk. All the attacker requires is one way in. And according to TraceSecurity research, 30 percent of employees are likely to click on a link that could direct them to a malicious website. Those aren't good odds. Even worse, though, is that 5 percent of employees manually install malicious software on work computers.
The TraceSecurity Phishing Simulator is free to try for organizations with up to five employees. The company also works with channel partners, so there might be a good opportunity for partners to act as security consultants to help mitigate any risks their customers may face.