Application

Reporting software to measure and map out an organization's vulnerable locations to phishing attacks.

Key Benefits

• Combines merits of PhishMe.com reports with demographic data from the organization.
• Helps users of PhishMe.com to pinpoint training weaknesses in an organization and customize education strategy based on the statistical reports generated.

Market Summary

The number of phishing attacks directed at individual accounts within a company shows a notable increase on both the global and domestic scale. Compared to the second half of 2011, the first half of 2012 marks a 19% increase in volume globally with the UK, U.S. and Canada being heavily targeted. According to the cyber security company - RSA?s latest report, total estimated losses from phishing for the United States is $117.8 million in the first half of 2012 alone and accounts for 26% of global phishing attack volume. Efficient evaluation/report systems can help organizations to pinpoint the most vulnerable departments to these attacks, generate education plans accordingly, and hence reduce potential financial losses and leaked information.

Technical Summary

The company PhishMe, Inc. provides a service to simulate so-called 'phishing? attacks by which attackers attempt to trick people into revealing their usernames and passwords. IT experts at Emory enhanced the built-in reporting functionality from PhishMe by incorporating the demographic data such as official names of departments, buildings and email address. Therefore, with the combination of two data sources, it is possible to produce reports showing divisions and departments that are more prone to be "phished" compared to the others. This information was used by Emory to adjust education campaigns concerning social engineering accordingly.

Developmental Stage

Currently in use at Emory.

Category