Welcome to Finchloom PhishPrevent
Your company has signed up with Finchloom to provide you with ongoing training and protection against today's biggest threat - Email Phishing and identity theft. It is our goal to educate you about the latest Email threats and social engineering tricks so you can spot them and report them to us, so we can protect your organization together.
If you have any questions about the service please don't hesitate to email or call or (844) FINCHLOOM. We are your new security threat hunting team and we're here to stand behind you!
The Attack Simulation
We are going to be sending a fake attack Email to your mailbox. THIS IS A COMPLETELY SAFE EXERCISE THAT IS APPROVED BY YOUR ORGANIZATION. It is done to practice your ability to spot fake Emails and attempts to steal information. Just like how we practice Fire Drills to learn how to respond when there's a fire.
Here's How it Works
1) We will send a fake Phishing Email to all mailboxes in your organization. This Email will be designed to trick you into clicking a link or downloading a file. This is known as "The Attack". Review the Email and see if you spot any of the signs of Phishing.
2) If you think the Email is potentially spam or phishing, you must report it using the PhishPrevent button in Outlook. If you aren't using Outlook or can't find the button, forward the Email to "firstname.lastname@example.org". This sends the Email to our Security Hunter team so we can review it and give a final determination if the Email is safe or not. We have your back! There's no limit to the times you can report an Email, and there is no WRONG answer - if the Email is safe, we just return it to you!
3) Once the attack has begun, we need FIVE people at your organization to report the Email before anyone clicks on the links inside. If five people report the Email, the attack is considered thwarted. If you thwart the attack before anyone in the organization clicks the links - YOU WIN the simulation. In a real world attack, you would also be saving your co-workers as once the threat is thwarted, the technology pulls out the bad Emails from all mailboxes!
4) We will send some post-game statistics that include how long it took for five people to report, and how many people were tricked into clicking the Email.
DON'T WORRY IF YOU GET LURED INTO CLICKING THE EMAIL! WE ALL DO. NOTHING BAD WILL HAPPEN DURING THE SIMULATION - YOU WILL BE REDIRECTED TO A TRAINING PAGE. JUST BE SURE TO SPEND A FEW MINUTES ON THE TRAINING PAGE TO LEARN WHY THE EMAIL WORKED ON YOU SO YOU DON'T FALL FOR IT AGAIN. This is why we practice.