Efficient Phishing Programs: 3 Common Problems and 1 Awesome Solution
By Kaustubh Jagtap
You hear it all the time. Teams tasked with improving phishing defense aren’t sure how many employees see, or even receive, the simulations they send.
It’s why CofenseTM has introduced the Cofense PhishMe Responsive Delivery™ capability in Cofense PhishMe™ Enterprise edition. This capability allows operators to send a phishing simulation only when targeted employees are actively using email. It also delivers the phishing simulation directly to the employee inbox, thereby bypassing any technical issues including gateway configuration changes and whitelisting complications. Additionally, having this capability adds another layer of automation to your phishing program, making it more effective and efficient to manage.
Following are 3 of the problems this new feature addresses. If you manage an anti-phishing program, these will surely sound familiar.
“Whitelisting really complicates delivery and reporting.”
Sometimes your email gateway is a blessing and a curse. Though it doesn’t catch every real phishing email, it’s configured to stop the majority—and in doing so occasionally also catches some of your simulations.
That’s a two-fold problem. Too often employees miss out on the chance to test their ability to catch a phish, which hurts your organization’s overall resiliency to phishing attacks.
Also, your anti-phishing program’s metrics get thrown off. Say you phish 500 employees. If 250 report the email and 250 fall susceptible, you wind up with a 1:1 ratio, which is pretty decent. But what if, thanks to whitelisting, 75 employees never got the email? Mathematically, your reporting is fine, but your employees’ true readiness will remain unclear.
“We’re global, so scheduling is tough.”
We hear this one a lot. Eastern Time, Pacific Time, London, Tokyo, and Sydney times—when you want simulations to arrive when global employees are at work, scheduling can get complicated.
It’s one more thing to worry about, one more drain on your time. Running simulations across multiple time zones, cultures, and languages is daunting enough. Having to untangle time zones only adds to the headaches.
“If people aren’t on email when we send, we might miss them.”
Everyone is snowed under by emails these days. So when somebody isn’t on email for even a couple of hours, he or she may have 20 or 30 messages stacked up.
It’s easy for that person to miss the simulation you sent—the one you carefully crafted and scheduled, the one whose results you were eager to see. The teachable moment may have passed. If there’s no “evidence of life” on the email account, a simulation could be dead on arrival. Can you say “inefficient?”
The new Cofense PhishMe Responsive Delivery in Cofense PhishMe addresses these common delivery hassles. Give it a try! Don’t have it and interested? Learn more.
All third-party trademarks referenced by Cofense whether in logo form, name form or product form, or otherwise, remain the property of their respective holders, and use of these trademarks in no way indicates any relationship between Cofense and the holders of the trademarks.