Phishing Awareness Campaigns to Combat Ransomwares

The scourge of phishing

Resembling like two drops of water to emails from trusted third parties (institutions, banks, service providers), fraudulent email attacks can have disastrous consequences for your company or community.

Beyond the theft of private data, phishing emails remain today an essential vector for the distribution of malware and ransomware within companies. 

A recent wave of attacks by the ransomware Emotet confirms this trend. Indeed, the target receives a message, which seems to be embedded in a discussion thread, containing a trapped *.zip file with the password of included in the mail in image format . This process bypasses email filters and antivirus software.

As a reminder : Emotet is a very active ransomware that has become a real European issue (More info here : https://www.cert.ssi.gouv.fr/alerte/CERTFR-2020-ALE-019) .

Ransomware (or r ansomware) is a type of malware (or virus) that aims to encrypt all the data it encounters. In large-scale attacks, entire corporate networks and data centres can be taken hostage. In order to unlock the data and thus the system, the victim has to pay a ransom to the hacker for a "possible" decryption key. Ransomware is both a serious and ever-increasing threat. 

BlueTrusty, ITS Group's cybersecurity subsidiary, offers you realistic phishing awareness campaigns

All our campaigns include:

• the contextualization and personalization of several e-mail bursts according to your business context, during a workshop,
• the possibility to include attachments and URLs leading to sites created for the occasion (allowing for example the collection of data, password...) by us,
• the purchase of a free and unpublished domain name adapted to the situation,
• technical tests prior to sending each salvo,
• a detailed report and a commented restitution for each salvo,
• the progressive adjustment of the difficulty.

During the preparation workshops, we will share with you the many good practices drawn from our experience and the current trends of cybercriminals.
In addition, it is possible to order an additional service to identify and accompany risk behaviours, as well as to train the most vulnerable staff, in face-to-face/distance/e-learning or via reflex cards.