A free phishing simulator for small businesses has been developed and released by the leading provider of human phishing defense solutions, PhishMe. The phishing simulator allows small businesses – companies with under 500 employees – to develop and run dummy phishing email campaigns to test the effectiveness of their security awareness training programs.
Research by PhishMe shows that phishing email simulations are invaluable for improving security awareness, identifying employees that require further training, and for improving resilience against phishing attacks. With practice at dealing with phishing emails in a safe environment, employees learn the tell-tale signs of phishing emails and can be trained how to respond when a real phishing email arrives in their inbox.
When an employee fails a phishing email simulation, it can be turned into a training opportunity. They can be shown where they went wrong and how they should have identified the email as being potentially malicious. By using the phishing simulator for small businesses, it is possible to reduce susceptibility to phishing attacks by up to 95%.
While large organizations are often targeted by cybercriminals, small businesses also face a high risk from phishing. PhishMe reports that 61% of cyberattacks are targeted on SMBs, and those attacks cost, on average, $800,000.
More than 55% of SMBs have experienced a cyberattack in the past 12 months and 50% have reported a data breach. Research by PhishMe shows that more than 90% of data breaches start with a phishing attack.
By providing a free phishing simulator for small businesses, organizations can easily improve their defenses against phishing – The number 1 cybersecurity threat faced by businesses of all sizes – at no cost. The solution – called PhishMe Free – can be used to condition employees so that when a real phishing email arrives in their inbox, they will be able to identify it as such and report it to their security team. As PhishMe CEO Royht Belani explained, “The goal is to help SMBs build a conditioned firewall of human sensors to act as a first line of defense against attacks that bypass traditional email filtering technologies.”
PhishMe Free can be deployed rapidly thanks to an easy-to-use SaaS application. The simulations include 18 templates and can run up to 12 phishing scenarios per year free of charge. SMBs can monitor the progress of their phishing campaigns and view risk exposures through the application.
SMBs also have full access to PhishMe computer-based training modules covering the biggest cybersecurity threats, with four modules covering compliance. After signing up to use PhishMe Free, SMBs can also access the PhishMe community to discuss issues with PhishMe support staff and exchange ideas with other community members.
“With organizations like PhishMe providing strong anti-phishing solutions catered to SMBs at no cost, more organizations can take the necessary steps to fortify their defenses to reduce the chances of phishing related breaches,” said Scott Crawford, research director for information security with 451 Research.