A Brief Note On Phishing Protection And Prevention

901 Words4 Pages
Phishing Protection Suggestion I – Phishing campaign result Summary According to the analysis above, we have a complete understanding for the current phishing protection situation and probable protection issues. Based on two phishing tests results and related statistics analysis. We can make a conclusion that, most staffs in the IT department of University XYZ have enough security awareness for protecting phishing attacks. Most of them will not believe, reply or open the attachment of phishing emails. Most employees can adopt suitable methods solving phishing attacks: report the phishing event to the security group, ignore and delete phishing emails, and add phishing sources into the blacklist. Also, they has a very good email filtering system. Most phishing emails will be send to junk box directly. Even our phishing campaign test system should ask for a whitelist before starting campaign. In the second test, due to the content and image of our campaign emails. Our campaign emails are filtered by their system totally. The result of that campaign test is listed below: According to our campaign experience, the email with pictures and fake domain name such as “@iTunes”, “@boas” will have a high possibility of been filtered. In sum, both human factors and technologies of the IT department of University XYZ are strong enough to protect most phishing attacks. However, some employees may suffer advanced phishing attacks too. Since we were using a complete official domain
Open Document