Menu Português do Brasil Čeština Dansk Deutsch English (US) Español (Latinoamérica) Español (España) Suomi Français (Canada) Français (France) हिंदी Magyar Bahasa Indonesia Italiano 日本語 한국어 Bahasa Melayu Nederlands Norsk Polski Română Русский svenska ไทย Türkçe Українська Tiếng Việt 简体中文 繁體中文

Cloud Service Spoofing Training

Respondida
Avatar
IT DPT

While your training does a lot to cover not even clicking on links in emails going to bogus sites, I feel there should be some specific training (or at least training that goes a bit further) to cover the attempts to get employees to provide credentials to spoofed cloud based services like Office 365 or Google services. These are by far the thing we see the most--attempts to fool employees to provide their email and password into a service that looks like Office 365. We've also seen a lot of our contacts (customers and vendors) get duped by this where someone in their company has provided their cloud service credentials to a non-legit site and suddenly the hacker is inside their cloud email sending us emails from contacts that we otherwise treat as legit--and they can often look very convincing since they study the person's email patterns, how they word emails, who they speak with in our company to make the emails look legit.

Seeing some training modules that speak a bit more specifically about how these credential harvesting sites work and then how they're used to study emails, how people correspond with key contacts, who people stay in contact with and so forth (after gaining access to someone's cloud email) would go a long ways for company's like ours who use services like Office 365. We have on a several occasions seen people give up their Office 365 credentials to these types of sites, and it's alarming, to say the least.

1

Comentários

2 comentários

Classificar por Data Votos
  • Comentário oficial
    Avatar
    Natalie Koly

    Hello It-dept,

    Thank you for your feedback! I’m not sure what subscription level your organization currently has, but KnowBe4 offers training courses related to the cloud and email spoofing at our diamond subscription level. If you have any questions about what is available at your subscription level, please feel free to contact your Customer Success Manager. In the meantime, I'll be happy to pass along this feedback to our Course Development team.

    Thanks again!

     

    Natalie
    KnowBe4

    Ações de comentário Permalink
  • Avatar
    Randolph Steer

    I'll second how important this is.  Maybe KB4 views it as an incentive to get people to upgrade to the diamond level, but perhaps it's important enough to offer to all customers.

    Randy.

     

    0
    Ações de comentário Permalink

Por favor, entrar para comentar.

Não encontrou o que estava procurando?

Nova publicação