Phishing

ePhish by Franklin Data, the perfect blend of technology and war games.

Franklin Data takes phishing seriously. We developed ePhish to help improve employee awareness and combat attacks.

Our ePhish phishing simulations allow you to quickly and effectively assess how susceptible your employees are to actual phishing and spear phishing attacks. With our portfolio of customizable templates, you can evaluate users on multiple threat vectors — malicious attachments, embedded links, and requests for personal data — and track results at the campaign level and user level.

ePhish mock phishing emails also allow you to set the stage for future training. Employees who fall for a simulated attack are automatically presented with a Teachable Moment, which is a customizable “just-in-time teaching” message that alerts employees about the mock attack, explains the dangers associated with real phishing emails, and gives practical advice and tips they can use to avoid future traps.

Initiating follow-up training is easy with our unique and effective Auto-Enrollment feature. Any user who falls for an ePhish email can be automatically scheduled for the interactive training module of your choice.

Fast Facts:

Phishing refers to malicious emails that are designed to trick the recipient into clicking on a malicious attachment or visiting a malicious web site.

Spear-phishing is a more targeted form of phishing that appears to come from a trusted acquaintance.

Corporate email phishing scams increased 1,300% in 18 months and global losses total $3.1B, says FBI (Wall Street Journal, June 17, 2016).
A new phishing scam is gunning after iCloud users in the UK in a bid to pilfer credit card details (June 9, 2016).
In recent weeks, hundreds of businesses around the country have been hit by an email “phishing” scam that is both brilliant in its exploitation targeting W2’s of employees

Quick Case Studies on Phishing

One of the most famous examples of a spear-phishing attack that succeeded despite its suspicious nature targeted the RSA Security firm in 2011.

The attackers sent two different targeted phishing emails to four workers at RSA’s parent company EMC. The emails contained a malicious attachment with the file name “2011 Recruitment plan.xls,” which contained a zero-day exploit.

When one of the four recipients clicked on the attachment, the exploit attacked a vulnerability in Adobe Flash to install a backdoor onto the victim’s computer.

“The email was crafted well enough to trick one of the employees to retrieve it from their Junk mail folder, and open the attached excel file,” RSA wrote in a blog post about the attack.

The backdoor gave the attackers a foothold from which to conduct reconnaissance and map a way to more valuable systems on the company’s network. They eventually succeeded in stealing information related to the company’s SecurID two-factor authentication products. The attack was surprising because everyone assumed that a top security firm like RSA would have trained employees who know better than to open suspicious emails. Yet one of its employees not only opened one of the suspicious emails but retrieved it from his junk folder—after his email filter had deemed it suspicious—in order to open it.

Another surprising victim of a spear-phishing attack was the Oak Ridge National Laboratory in Tennessee. The lab, also hacked in 2011, got hit with a phishing email that appeared to come from the human resources department and included a link to a web page where malware downloaded to victims’ machines. The attackers sent the email to 530 of the lab’s 5,000 workers, and fifty-seven people clicked on the malicious link in the email. Only two machines got infected with the malware, but this was enough to get the attackers onto the network. They were discovered only after administrators noticed megabytes of data being siphoned from the lab’s network.

The hack was so surprising because the high-security federal lab conducts classified energy and national security work for the government, including work on nuclear nonproliferation and isotope production. But the lab, ironically, also does cybersecurity research—work that focuses on, among other things, researching phishing attacks.