Performance benchmarking for simulated phishing attacks
First Claim
1. A method, comprising:
- administering a simulated phishing attack on individuals utilizing a first type of computing device;
administering a simulated phishing attack on individuals utilizing a second type of computing device, the first and second types of computing devices being different from one another;
determining whether the individuals utilizing the first type of computing device or the individuals utilizing the second type of computing device are more susceptible to phishing attacks;
if the individuals utilizing the first type of computing device are more susceptible to phishing attacks, administering a further simulated phishing attack to the individuals utilizing the first type of computing device, the further simulated phishing attack administered to the individuals utilizing the first type of computing device being targeted to the first type of computing device; and
if the individuals utilizing the second type of computing device are more susceptible to phishing attacks, administering a further simulated phishing attack to the individuals utilizing the second type of computing device, the further simulated phishing attack administered to the individuals utilizing the second type of computing device being targeted to the second type of computing device.
10 Assignments
0 Petitions
Accused Products
Abstract
Described herein are methods, network devices and machine-readable media for conducting a simulated phishing attack on a first group of individuals, and performing an analysis of the group'"'"'s performance to the simulated attack. In the analysis, an aggregate performance of the first group is compared with an aggregate performance of individuals from a second group. Standardizing the simulated phishing attacks for individuals from both the first and second groups is necessary in order for the performance of the first group to be fairly or meaningfully compared to the performance of the second group. To ensure uniformity in the simulated phishing attacks, messages thereof may be constructed from template messages, the template messages having placeholders for individual-specific and company-specific information.
-
Citations
1 Claim
-
1. A method, comprising:
-
administering a simulated phishing attack on individuals utilizing a first type of computing device; administering a simulated phishing attack on individuals utilizing a second type of computing device, the first and second types of computing devices being different from one another; determining whether the individuals utilizing the first type of computing device or the individuals utilizing the second type of computing device are more susceptible to phishing attacks; if the individuals utilizing the first type of computing device are more susceptible to phishing attacks, administering a further simulated phishing attack to the individuals utilizing the first type of computing device, the further simulated phishing attack administered to the individuals utilizing the first type of computing device being targeted to the first type of computing device; and if the individuals utilizing the second type of computing device are more susceptible to phishing attacks, administering a further simulated phishing attack to the individuals utilizing the second type of computing device, the further simulated phishing attack administered to the individuals utilizing the second type of computing device being targeted to the second type of computing device.
-
Specification
-
- Resources
-
Current AssigneeCofense, Inc.
-
Original AssigneePhishMe Incorporated
-
InventorsBelani, Rohyt, Higbee, Aaron, Greaux, Scott
-
Primary Examiner(s)BROWN, ANTHONY D
-
Application NumberUS13/763,515Publication NumberTime in Patent Office746 DaysField of Search726 22- 25US Class Current726/25CPC Class CodesG06F 21/00 Security arrangements for p...G06Q 10/107 Computer-aided management o...H04L 63/1433 Vulnerability analysisH04L 63/1483 service impersonation, e.g....
