Tech Tips

June 12, 2019

How to Test Your Employees' Security Awareness

How many of your employees would click on a phishing email? If the answer's not an immediate "Zero/None," you have a cybersecurity vulnerability. Not sure who would & who wouldn't? Find out with a Phishing Test.

The biggest cybersecurity risk is you have comes from social engineering. Tricking users into opening the door for cyberattacks. That's the primary goal of phishing attempts - emails that look legitimate, but want you to click a dangerous link.

It only takes one click to unleash ransomware or facilitate data theft. Which means any employee can do it, if they're unaware of how to spot phishing attempts. Luckily you can find out who's aware and who isn't...with a "simulated phishing" test.

To run these, PlanetMagpie uses and recommends the KnowBe4 platform. It has everything you need for simulated phishing tests, and for training anyone who fails the test. Here's how the platform works:

  1. Buy a subscription to KnowBe4 (1- to 3-year terms) from KnowBe4 directly, or through your IT consultant.
  2. You choose the type of phishing test to use for your employees, such as: "Message from Your Bank" email, "Your Credit Card Has Been Stolen" text message, etc.
  3. Select a group of employees within your business to test first, or test everyone at once.
  4. The KnowBe4 software sends the simulated phishing messages to each individual user in the group. These act just like a phishing attempt, only they're 100% safe.
    • If a user doesn't click the "phishing" link, they pass the test. Good Cyber Fu.
    • If a user does click the "phishing" link, they fail. They're taken to a webpage that explains the phishing test, and what will happen next.
  5. KnowBe4 generates a report to show you the test results per user.
  6. You perform regular phishing tests with your KnowBe4 subscription to keep existing employees on their toes, or to train new employees.

What happens if an employee fails the phishing test? The KnowBe4 platform provides them with two helpful tools:

  • Training—Required online training that helps the employee recognize future phishing attempts.
  • Content Library—KnowBe4 maintains the world's largest library of security awareness content, including 900 videos, plus learning modules, posters, newsletters, even games.

What we like about KnowBe4 is that it’s not a "shame game" for employees who fail the phishing test.  It's educational and helps decrease the company's risk.  By simulating a phishing attack, you take away any risk to your users and your business. You don't want to find out you're vulnerable by someone clicking a REAL phishing email...

Curious about the KnowBe4 Security Awareness platform? Please contact our Support Department at support@planetmagpie.com.