This site uses third party services that need your consent. Learn more

Skip to content

Experiences with simulated phishing

Are you assessing whether simulated phishing may be a good thing to do in your company? See this video for useful steps and input to prepare and launch your own internal phishing campaign.

At the PreParanoia conference, May 21, 2019 in Oslo,  the co-founder and CEO of Secure Practice, Erlend Andreas Gjære, held a talk titled «Experiences with simulated phishing». His entire presentation can be seen in the video below.

Is it okay to trick your own colleagues? With simulated phishing, this is precisely what we do, when sending employees fake emails to increase their awareness. Maybe you have tried something like this in your company already, or maybe you are still assessing whether this is really a good idea or not.

In any case, this talk will offer useful steps to prepare and launch your own internal phishing campaign. We will also discuss how to measure and get value from the results, including on the long term, and how to ensure all of this is done in a privacy friendly way with «teachable moments» for everyone.

Have had such a great couple of days hanging out with all the fun and friendly infosec people at @TheParanoiaConf this week. Next up: @OsloBSides!

— Erlend Andreas Gjære (@erlangsec) May 23, 2019