A Study of Organization Level E-mail Phishing Awareness
Bottinelli, Sara (2023-06-07)
A Study of Organization Level E-mail Phishing Awareness
(07.06.2023)
Lataukset:
Julkaisu on tekijänoikeussäännösten alainen. Teosta voi lukea ja tulostaa henkilökohtaista käyttöä varten. Käyttö kaupallisiin tarkoituksiin on kielletty.
suljettu
Julkaisun pysyvä osoite on:
https://urn.fi/URN:NBN:fi-fe2023060953818
https://urn.fi/URN:NBN:fi-fe2023060953818
Tiivistelmä
Phishing is, without a doubt, one of the most widespread cyber attacks that organizations worldwide are facing. It is unfortunate, however, that many companies overlook the importance of implementing security measures to protect against this threat.
The main objective of this thesis is to create a comprehensive understanding of organization-level e-mail phishing awareness. This is achieved by presenting the outcomes of a carefully designed and executed three-month phishing campaign, which was carried out in a business setting. To maximize the effectiveness of the campaign, a thorough analysis of the phishing e-mails that the company received was conducted prior to its initiation. This two-phase approach enables a bespoke and tailored campaign that caters to the specific requirements of each organization based on the insights gathered from the analysis. By providing a detailed account of the entire process, this thesis aims to educate readers about the importance of being vigilant and proactive when it comes to safeguarding an organization against phishing attacks.
After reviewing the data collected, the company has taken the first step to improve its security against this particular type of attack. Further examination of relevant papers has revealed a potential enhancement to the existing process for addressing this issue. The analysis has identified the most effective steps while also discarding those that are deemed unhelpful. These actions demonstrate the company's commitment to ensuring the safety and security of its operations.
The main objective of this thesis is to create a comprehensive understanding of organization-level e-mail phishing awareness. This is achieved by presenting the outcomes of a carefully designed and executed three-month phishing campaign, which was carried out in a business setting. To maximize the effectiveness of the campaign, a thorough analysis of the phishing e-mails that the company received was conducted prior to its initiation. This two-phase approach enables a bespoke and tailored campaign that caters to the specific requirements of each organization based on the insights gathered from the analysis. By providing a detailed account of the entire process, this thesis aims to educate readers about the importance of being vigilant and proactive when it comes to safeguarding an organization against phishing attacks.
After reviewing the data collected, the company has taken the first step to improve its security against this particular type of attack. Further examination of relevant papers has revealed a potential enhancement to the existing process for addressing this issue. The analysis has identified the most effective steps while also discarding those that are deemed unhelpful. These actions demonstrate the company's commitment to ensuring the safety and security of its operations.