Educating users is a big part of your role as an MSP or an IT technician. One of the best ways to protect your IT infrastructure is to make sure your users know how to use IT properly.
User education comes down to whether or not the user is going to click the wrong download button. For example, if one of the users you support are browsing the Internet and go to any number of pages that have what seems like seven different download buttons available. Educating your users could determine whether or not they click on one of the six ads that will inevitably result in junk software and toolbars being installed on the computers.
Phishing Campaign – Test Your Users
Duo Security has released an excellent tool for you to try on your users to test their knowledge of email Phishing.
Similar to the example above this tool will allow you to send your users an email that can look like it is coming from some different online services. If your organization is using G Suite, there is a template and a landing page that looks very similar to the emails you get from Google, but there is one catch. It is a Phishing email.
With this tool, you will be able to create a Phishing campaign that will send all of your user’s fake emails that look similar to many online services your organization is using in production. The emails are clearly a Phishing attempt, but you will be surprised at the number of users who will click on the link and type in their password.
Duo Security doesn’t store any of the information that the end users type in, but they will give you a nice dashboard informing you about what users clicked on the link. The dashboard also shows you what users typed in their credentials as well. Giving you a great resource for user education.
For MSP’s this could be a great upsell tool for cyber security and can educate the users on best practices when it comes to online security.
Testing this on your businesses will give you, and the business own insight into which of your users could use a crash course in online safety. Saving you and your customers any unnecessary expense is always a good thing.
What is your company doing for security training? Let us know in the comments below!