Awareness & phishing

Phishing campaigns

This test aims to identify the company’s vulnerabilities related to the human aspect: internal employees who have access to critical applications and information. The phishing test will educate employees about cybersecurity. It will involve sending them a malicious email to identify the percentage of staff who clicked on the link or opened the attachment. A report without personal employee information will be provided and will allow employees to be more alert to cyber risks.

Several types of phishing campaigns exist:

• Mass emailing (> 50 emails) :
  • Link clicking (redirection to a website with a login page)
    • Average time : 7 days
    • From : 4900 € HT
  • Malicious attachment (e.g. Word macro document)
    • Average time : 8 days
    • From : 5600 € HT

• Spear-phishing (25 designated emails):
  • Link clicking (redirection to a website with a login page)
    • Average time: 8 days / 25 emails
    • From : 5600 € HT
  • Malicious attachment (ex. Word document)
    • Average time: 10 days / 25 emails
    • From : 7000 € HT

Escape Game

During this 40 minutes team-building game, 2 to 4 people will put themselves in the shoes of a hacker and will try to recover secret information about their target: Alexandre Dubois.

To do so, they will have to solve a number of challenges (badge cloning, lock-picking…) in order to achieve their goal: obtain the identifiers of Alexandre’s website and steal its secret content.

At the end of their challenge, participants will fill out a short 10-question questionnaire on cybersecurity, related to the challenges they solved. This questionnaire will be used to understand, within the client organization, where the participants are falling short in terms of cybersecurity (phishing awareness, QR code risks, etc.).