The Best Ways to Use Phishing Attack Tests Without Hooking and Landing Your Employees

A phishing attack test? Yes, a great way to educate employees about the dangers of phishing and how to recognize it. The emphasis should be on educating, not criticizing.

What’s the best way to conduct phishing attack tests? Teach your employees what bait attackers dangle. Go over your password procedures and show them how to identify unsecured links.

Isn’t phishing just a disguised email to trick you into giving information or downloading malware? Yes, but the disguises get more sophisticated as time goes on. In 2019, close to 30% of breaches resulted from successful phishing assaults.

A good deal of phishing emails don’t target anyone but sent to a broad swath of people. However, be aware of spear and whale phishing. A spear phisher targets a specific employee, often from a LinkedIn profile.

Whale phishing targets CEOs and company board members, which produces a fruitful payoff indeed. Everyone at your business needs to be vigilant and know the signs of an attack.

Let them know to inspect the URL spelling in the link before they click, and a URL redirect signals a problem. If an email from a person they know sounds questionable, email the person back to confirm via a trusted link. Don’t post personal data on social media sites.

Recognize and reward employees who catch phishing emails. It’s an excellent way to educate everyone about the danger.

Conduct random phishing attack tests but always use them as an educational tool. The object is a small catch, not netting the entire company.

Author: Kris Keppeler, a writer who finds technology fascinating and loves humor. She writes for Crossing Genres on and Does This Happen to You? on Channillo. Award-winning podcast producer who enjoys telling stories. Follow her @KrisKKAria on Twitter or on LinkedIn.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.