phishing-techniquesDid you know that phishing techniques are increasingly sophisticated and common? To educate your users from falling into these traps, tools and testing services can be effective in business awareness campaigns.

It is important to remember that perpetrators use social engineering techniques, such as phishing, to obtain personal, confidential or sensitive information from users. These malicious hackers send fake emails or post bogus websites, mimicking legitimate ones, to prompt users for passwords, credit card numbers or other valuable information.

Recently, spear phishing techniques have emerged in order to target certain users. In fact, messages are aimed at specific users and contain terminology and topics commonly used in the workplace.  The goal is to lure users into believing the legitimacy of an email and respond to it trustingly.

Increased user awareness and appropriate training is therefore necessary to ensure that they develop the ability to detect this kind of more sophisticated scamming. Moreover, one of the objectives of the tools and testing services used, such as fake email simulations, is to determine employees’ reactions. These tests and their results are then analysed to assess users’ strengths and weaknesses in regard to possible phishing attempts. The results will help customize the awareness and training program in order to protect the company from data and intellectual property theft.

For more information on this topic, you can view the following article:

Note:  Terranova Training provides information security awareness and training services, including phishing tests for your company.

For more information, please visit our website dedicated to phishing at

By Patrick Paradis, Information security advisor