I was struck by a thought this morning when a phishing email arrived in my inbox, and I pressed the Phish-Alert button as I had been trained to do, “this is why we train”.
To be honest, I have found the appearance of KnowBe4’s simulated phishing attacks which appear in my email every few days to be a bit of an annoyance. I understood on some level that I was getting used to spotting these things: following certain rules so that I don’t have to do the automated phishing training, becoming wary of what could be lurking in my inbox…
At Brigantia, we have some pretty sophisticated protection that any phishing email would have to get through before it got to me. I had thought that it was close to impossible but then this morning, when I reported the email, the message was different: it read something like, “Thank you for reporting this email to your security team. Because of people like you, our company is more secure!” That message was different to the usual one congratulating me on spotting a simulation; I had just encountered the real thing.
I don’t know what would have happened if I had clicked on a link in it. Maybe nothing… Maybe the start of some attempted fraud or perhaps a ransomware attack, I really don’t know, but it would be nothing to my advantage I should imagine. One thing that I do know is that without the training, I would probably not have spotted it as being malicious and I may well have clicked the link.
This is why we train: We train to keep the company safe. When the defences that we have in place are just not enough, there is only me, looking at my email. I had better get it right.
For more information about KnowBe4 training and phishing simulations, please email partnersupport@brigantia.com or call 020 3358 0090.
