Software service to facilitate organizational testing of employees to determine their potential susceptibility to phishing scams
First Claim
1. A system configured to facilitate assessment by an information technology administrator of the potential susceptibility of employees of an organization to phishing scams, the system comprising:
- a first module configured to generate an invitation;
a second module configured to receive a contact information for a plurality of employees from the administrator;
a third module configured to send the invitation to the plurality of the employees; and
a fourth module configured to monitor interaction with the invitation by the employees, wherein the monitored interaction includes responses provided by recipients of the invitation and data obtained in response to the invitation, create a log based on the invitation and the monitored interaction of the employees with the invitation, encrypt the log, and provide the log to the administrator.
8 Assignments
0 Petitions
Accused Products
Abstract
A software system and service for facilitating organizational testing of employees in order to determine their potential susceptibility to phishing scams is disclosed to evaluate their susceptibility to e-mail and Internet cybercrimes such as phishing. The e-mail addresses of a client organization'"'"'s employees are provided to the system, a phishing e-mail is created and customized, and a phishing e-mail campaign in which the phishing e-mail message is sent and the responses to the phishing e-mail is monitored, and the results of the e-mail campaign are provided for evaluation. The phishing e-mail may optionally contain attachments and various types of probes and “call home” mechanisms.
-
Citations
18 Claims
-
1. A system configured to facilitate assessment by an information technology administrator of the potential susceptibility of employees of an organization to phishing scams, the system comprising:
-
a first module configured to generate an invitation; a second module configured to receive a contact information for a plurality of employees from the administrator; a third module configured to send the invitation to the plurality of the employees; and a fourth module configured to monitor interaction with the invitation by the employees, wherein the monitored interaction includes responses provided by recipients of the invitation and data obtained in response to the invitation, create a log based on the invitation and the monitored interaction of the employees with the invitation, encrypt the log, and provide the log to the administrator. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
Specification