Mimecast to offer phishing simulation training service

Email security firm Mimecast has launched a service that offers live phishing simulations. With SAFE Phish, security teams can create training exercises using real-life, de-weaponised campaigns that target their organisations and employees.

Because SAFE Phish results act as a security feed, data from phish testing can be incorporated into the Mimecast SAFE Score dashboard, which is designed to calculate individual user risk using four factors – engagement, knowledge, sentiment, and bad URL clicks. Data is also aggregated to provide an overall organizational risk assessment.

“With SAFE Phish technology, end-users can safely be exposed to real-life, de-weaponised phishing attacks to make training more effective and provide a data-driven picture of which employees are most at risk,” said Michael Madon, SVP and GM of Mimecast Security Awareness Products.

According to recent research from Mimecast, almost 60 per cent of 1,025 IT decision-makers said they saw an increase in both phishing (58 per cent) and impersonation attacks (60 per cent) over the last year. The uptick of COVID-19-related phishing campaigns also highlights the fact that threat actors are looking for new opportunities to target victims with relevant topics.

The State of Email Security 2020 report also shines a light on the urgent need for a more cyber aware workforce. Encouragingly, 97 per cent of the respondents’ organisations offer security awareness training at varying frequencies and formats. However, 60 per cent of those surveyed reported having been hit by malicious activity spread from employee to employee, pointing to the fact that the format or frequency of these trainings could be the problem.

Read: Google to use authenticated logos to reduce phishing attacks