Though we cannot celebrate together during our annual Holiday Party, we want to show our appreciation and share a $650 dollar one-time Holiday bonus! (...) please select your location and fill in the details by Friday. December 18th. (...) Free money, claim it now!" This email was send to employees of a large IT company. It is in fact, a phishing email. But it wasn't send by an attacker. It was send by the company itself to test phishing vulnerability. Sending out fake phishing emails can be ethically wrong and even harmfull to your employees. And the results are often not very representative of the actual situation. Still, phishing is a very real security risk to many organisations that requires attention. When you send out a fake phishing email, what is it you are really phishing for?

Target audience: strategic / policy


time: 15:25

Other sessions:

NCSC TNO Cyber Resilience Research Program: ICT Recovery Capability & Supply Chain Risk Management

Achieving SOC-cess: Metrics and How to Communicate Them

Next Generation SOC automated Security


Cryptocurrency Crime: Connecting the Dots with Blockchain Intelligence

Public-Private Cooperation in cybersecurity : global overview of the French model