Solution: Phishing – Germany
Get a quick overview with pre-configured penetration test bundles
The social engineering campaigns conducted by our experts are designed to assess how users respond when confronted with phishing emails. To this end, we develop a customized social engineering campaign in consultation with the client. The security experts at TÜV TRUST IT launch the simulated attack against a group of recipients defined by the client, within a timeframe specified by the client.
The attack scenario is evaluated completely anonymously, and TÜV TRUST IT does not store any passwords.
What services are included in the bundle?
- Creation of a customized social engineering campaign via email
- Sending the defined email to the defined recipients
- Detailed report evaluating defense measures and risk, and analyzing user behavior
Kick-off Meeting
During a kick-off meeting, phishing scenarios are developed collaboratively. TÜV TRUST IT proposes possible scenarios, and predefined templates—such as correcting a time log—can also be used. New templates that tie into current events at the client’s organization—such as organizational changes, the introduction of new software, etc.—can also be created. These templates serve as the basis for conducting the phishing campaign and are sent via email to the “affected” recipients.
The execution period is agreed upon. It is possible to select a variable execution period, allowing phishing emails to be sent in staggered waves. This staggered delivery enables tracking of how information about potential phishing emails spreads within the company.
Implementation
Phishing campaigns can be conducted based on three different technical scenarios; the desired scenario is determined in advance with the client:
- Black-Box Scenario: The client provides TÜV TRUST IT only with the recipient addresses. No domains are whitelisted in the spam filter, and no test users are provided. Email security measures can be evaluated only on the basis of deliverability and user clicks, not directly by TÜV TRUST IT.
- Grey-Box Scenario: The client provides recipient addresses to TÜV TRUST IT. The client sets up an email account for TÜV TRUST IT. This makes it possible to verify any email security measures using the provided email account. Compared to the black-box scenario, this allows for the collection of more precise information regarding the effectiveness of technical security measures. The phishing domains are not activated. If the emails cannot be delivered due to technical measures on the client’s side, the process can be immediately switched to a white-box scenario. This restores the traceability of the tests.
- White-Box Scenario: The client provides the recipient addresses to TÜV TRUST IT, and the phishing domains are excluded from the spam filter. The client sets up an email account for TÜV TRUST IT. In this scenario, implemented technical security measures are disregarded; the evaluation focuses exclusively on how employees handle phishing emails. A switch from a grey-box scenario to a white-box scenario is also possible during the campaign, subject to prior agreement.
Conclusion
After the phishing campaigns are conducted, an anonymized report is generated and presented to the client. The level of detail in the report—ranging from the company as a whole down to divisions, departments, and teams—is agreed upon during the kick-off meeting. The client’s technical security measures for preventing phishing attacks are addressed, as are metrics regarding how employees handle phishing emails. These metrics include, for example, the number of emails delivered, the percentage of employees who clicked the link in the email, the percentage of employees who entered data, etc. The delivered report includes recommendations for the client on how to address any security vulnerabilities and implement training measures.
During the final debriefing, the results of the campaign are discussed; if necessary, TÜV TRUST IT prepares a brief memo to employees explaining the phishing campaign and highlighting the key indicators that would have allowed them to recognize the phishing email.
Bundle price: EUR 3,300.00 (excl. VAT)
By submitting this form, you are placing a direct order request for the selected service.
This order request does not yet constitute a contract between you and TÜV TRUST IT TÜV AUSTRIA GMBH for the service you have selected.
Upon receipt of your order request, you will receive a corresponding quote via email.
As soon as we receive the order form signed by you, we will send you a written order confirmation.
A contractual relationship between you and TÜV TRUST IT TÜV AUSTRIA GMBH is established only upon receipt of the order confirmation.
