There are lots of reasons scammers send a phishing email. They may want to get access to the company network or perhaps a quick payout with ransomware. Maybe it’s just a good old fashioned con to trick someone into sending money or personally identifiable information, but whatever the reason, every day countless phishing emails are sent into the world, and some percentage of them are successful, or people wouldn’t bother sending them.
When employees received hundreds of emails a day, how do companies protect themselves from this insidious and all too common threat? One way is by carefully training employees to recognize a scam, not fall for it, and most importantly report it, so the company can remove all such emails from their domains.
That kind of testing has tended to be out of reach for SMBs, who, in spite of the obvious threat, haven’t been able to justify the cost of spending money to provide that training. All of those excuses went away today when PhishMe, a 6.5-year-old startup that helps companies protect themselves from phishing scams, announced it was releasing a free phishing testing tool for companies with 500 employees or less.
The new tool called PhishMe Free is a cloud service that’s a subset of their enterprise product, PhishMe Simulator. It doesn’t include all of the tools you’ll find in the pay version of course, but it puts anti-phishing training within reach of any company regardless of size.
The SMB customer simply signs up for the cloud service and PhishMe provides templates that look very similar to recent phishing scams. You can modify it with a company logo to make it look more authentic as you wish, then send it to all your employees or just a subset. Typically, a company conducts monthly tests to limit the number of checks and risk making people immune to tests (or worse real phishing emails).