Focus PhishMe Service

Phishing attacks are one of the most common cyber security issues that individuals and businesses face, and even with how much we think we know about them, they are always adapting, ensuring that people continually fall victim to them.

Talk to us about your email security

Focus PhishMe Service - Email Security

No matter how good your perimeter security, phishing emails still reach users and threaten to trigger breaches.

Every phishing email that reaches the user is an attack on your organisation. When technology fails, users need to become human sensors and report phishing. But how can users report if they don’t recognise today’s evolving attacks?

Our Solution

Teach users to identify (real) phishing.

The Focus PhishMe platform (powered by Cofense), educates users on the real phishing tactics your company faces. We leverage extensive research, threat intelligence, and front-line phishing defence. Through experiential learning—simulations of current phishing threats—you will condition smarter email behaviour, transforming vulnerable targets into an essential layer of defence.

Focus PhishMe Service

Focus delivers the ‘PhishMe’ service for to perform Phishing Expeditions for detection and education of your staff and users.

The main reasons to phish your own employees are: 

a) Identify your employee’s biggest cyber security flaws

  • Phishing your employees firstly allows you to see who has clicked on the 'malicious' links, and who has acted appropriately. This can give you an excellent insight into just how exposed your workforce is. Not only is this useful for seeing where the weaker links are, but it is also extremely efficient for discovering which departments are more susceptible to a breach.
  • Many businesses are guilty of raising awareness of the perceived "higher risk" departments. However, all employees have company-sensitive information and should all receive the same level of education and awareness. It is important, however, to follow the ‘engage, not enrage’ methodology when conducting this simulation, and give employees individual feedback, rather than in a name and shame manner.

b) Increase the awareness around phishing emails

  • The more exposed your employees becomes to these types of emails and their signs, the more likely they are to detect the red flags.  Focus PhishMe simulates active phishing threats to condition smarter user behaviour. It is the opposite of “phish testing,” which assesses vulnerability but fails to change behaviour through continual learning. Unlike machines, humans cannot be patched. People remain aware of threats by practicing regularly and remaining invested in organisational defence.

c) Provide the opportunity to safely educate employees

  • Keeping the training consistent, whilst also avoiding learning fatigue, is crucial. Make sure you can measure the results of how effective this training has been, and where there is room for improvement. It is not about naming and shaming!

This service is based on a per campaign model, which typically runs over a 12-month period.

The campaign consists of:

  1. Six (6) scheduled Phishing email tests will be delivered over the campaign period. These emails can be varied in levels of complexity to challenge the skill levels of your employees. There are also specific vertical market templates that we can use for the phishing emails to suite your vertical market if applicable.
  2. Reports from each scheduled test are automatically generated, and sent out to the designated reviewer.
  3. The report generated from the first of the 6-phishing email tests is delivered to you by one of our experienced consultants to cover the contents of the report and assist with any appropriate recommendations.

The remaining reports during the campaign will be generated and sent to the designated reviewer directly. If you require additional support from one of our consultants to help analyse the report and make recommendations, these can be included in the pricing of the service.

Get in touch with us to find out more about protecting your business from these email attacks.