Contact Us
Contact Us
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Subscribe to our newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Phishing

An effective phishing campaign can help you analyse the browsing habits of your employees, their information security awareness and effectiveness of your perimeter controls in place

Find out more
Complete this form to get in touch

Are you happy for Defendza to keep you informed on the latest developments in cyber security (attack reports, guidance, DIY articles)? Of course you can unsubscribe at any time. Please see our privacy policy

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Overview

One of the most common attack vectors behind compromises is gaining access via email-based phishing attacks. 

A phishing simulation unlike done by an automated tool, assures both the technical and people controls. Our phishing campaign involves sending targeted emails in a controlled manner, track user actions in a non-intrusive manner, access the technical restrictions in place, and related information about the user's underlying host. An assessment report provides a comprehensive view of how a campaign was run, the information collected beforehand and the end results with mitigation measures.

Types of Phishing

We offer a range of phishing campaigns to our customers:

Vishing (Voice Phishing)

Vishing involves phishing using the phone. The phisher calls an unsuspecting victim over the phone pretending to be a worker of a supplier, support helpdesk or even from the bank, to collect personal information. 

Smishing (SMS Phishing)

Unlike email phishing, for Smishing, the attack vector is a phone number. The phisher pretends to act on behalf of a trusted or legitimate company and sends an SMS to the unsuspecting victim. This could be a genuine sounding reason that needs immediate attention like e.g..., announcing that they have won a prize or offering them to participate in a raffle or context. 

Is your business prepared to defend against targeted attacks?

Spear phishing attack is usually personalized. Hackers normally include some personal data in the phishing emails, such as the name of the victim, their role in the company or even (for a personal touch) their phone number. The reason for this is to gain their confidence and, therefore, obtain the information they need to compromise the corporate network and access the confidential data they are looking for.

Mass phishing

Mass phishing emails are sent to a group of people with similar interests based on their brand preferences, demographics, and choices. In a mass phishing attack, the emails sent to unsuspecting users are clones of genuine-looking websites like Amazon, Microsoft, Paypal or even delivery site like UPS.

Email Phishing

Email phishing is one of the easiest types of phishing and is used to trick unsuspecting users into giving information without their knowledge. This phishing can be launched in several different ways:

  • Sending an email through a familiar name like from a well known Support used by their company or vendor,
  • Sending an email impersonating their superiors requesting for an immediate response with sensitive data. Just by seeing the superior's name and the urgency of action, some users may click on the link. And finally,
  • Impersonating the identity of an organization and asking employees to share internal data.
When was the last time you assessed your budget spent on Security Awareness ?
Call Us Now

Why Defendza ?

Thorough Analysis and Reporting

Our reports are comprehensive and include all the evidence that supports our findings. We give you a risk rating that considers how likely an attack is as well as the impact it could have. We don’t create panic scenarios. Our mitigation is detailed, covering both strategic and tactical areas to help our clients prepare a remediation plan.

Custom tools and scripts

Apart from the range of commercial and open source tools available for specific testing, our team has its own custom scripts for efficient testing. We provide accurate results to make sure our clients completely understand any vulnerabilities we report.

In-house experts

Our teams are led by veteran security consultants accredited by CREST standards for the last several years. Our experience shows that our clients are best served by giving them the right advice for their cyber security needs. We do not believe in spreading fear, uncertainty and doubt to generate more business.

Key Benefits

Let's check your cyber awareness
Call Us Now

Testimonials

"My experience to date with Defendza has been very positive, I look for a flexible, knowledable security "partner" when I engage a PT firm. Pentest means many things to many people and there are many different use cases for both the testing activity and the report generated and I need someone to work with me to get the absolute best value out of my security budget."

Information Security Officer
Insurance Group

Excellent people to work with. Very good knowledge of requirement and give us correct findings with excellent remedy to improve our security for our B2B portal site."

Head of Technical & Business Improvement
Leading Pharmaceutical Manufacturer

"I thought it was a highly professional and thorough exercise and I would have no hesitation recommending Defendza to any of my connections."

Director, Software Engineering
Global Information and Analytics Company

"Good personal service. We are delighted with the work Defendza did for us. Highly recommended."

CTO
Manchester headquartered Global Fashion Brand

"Extremely satisfied with approach, speed and end results. Thanks."

COO
International fashion label and store

"My experience of the Defendza team was 5 star.  They were so helpful, and their technical delivery and client communication were excellent."

Director, Software Development
Corporate Services Company

Resources

09/06/2019

Manufacturers Can’t Afford the Cyber Risks

Much of the manufacturing industry has failed to take proactive steps to defend against cyber attacks—which is a notable problem considering the growing threats the industry faces

Related News

Medical records compromised

05/09/2019

An investigation was immediately launched which revealed the compromised account contained protected health information. Affected patients were notified about the breach on April 12, 2019. All individuals impacted by the breach had received medical services from Questcare in the Dallas, Fort Worth, or Arlington regions of Texas. 

Netflix issues urgent warning

18/06/2019

Netflix customers in Ireland are being targeted with a phishing attack in an attempt to hack their accounts. The streaming giant has put out a warning to try to avoid other users falling victim to the same fraud.