Phishing training

DKCERT helps institutions on the research network with training to avoid falling into the phishing trap.

As part of the awareness training to educate employees and students in good security culture, DeiC Security / DKCERT has developed a tool that can relieve the individual hassle and gather experiences so that you get an even greater benefit from your efforts.

One of the criminals' most common and effective ways into a network, financial accounts or a building is by luring someone from the inside to open the door.

That's why we've developed a tool to help test this angle of attack, so IT can better focus training targets for employees and test the organization's response to the threat.

Phishing emails are an effective way to target many at once, but can also be tailored to target specific victims. The vast majority of employees receive and respond to emails in their daily work, which means that a phishing email can simultaneously target a large audience that otherwise has many different tasks.

Our tool works on the same principles as a malicious phishing campaign, but everything takes place in an encrypted and restricted environment. We have implemented a technical platform that makes it easy for you to pressure test the security level of your organization.

Working with us, you can design your own phishing campaigns that realistically send a defined volume of emails. Your organization is free to design "attacks" based on, for example, needs, number of recipients or employee knowledge level.

Benefits of phishing training
  • No need for your employees to monitor colleagues in a campaign
  • Economies of scale by gathering data and experience
  • The service is charged at cost

How to get started

If you want to get started with our awareness tool, we recommend that you select a technical manager who can be the link between DeiC Security / DKCERT and your organization.

A preparatory meeting is arranged where we jointly go through a checklist of the elements that must be prepared before a campaign is launched.

This includes, for example, the exchange of a PGP key so that the campaign data can be sent encrypted between parties. Last but not least, this part also includes a service agreement and data processing agreement so that there is clarity on how all data is processed.

Once the practicalities are in place, you can help define the content of the email to be included in the campaign or choose from one of our templates.

If you wish, you can also design the page that the user lands on if they click on a phishing email, as well as the educational content to educate the user to avoid repetition in an acute situation.

Get help

You're always welcome to contact us if you need help.

Contact us

If you need further information or help setting up a campaign, please contact us via email.

Kenneth Mikkelsen
Tel: +45 93510770

Related content

Read more
  • Sikkerhed
Forsvar af den akademiske sektors digitale frontlinje

Se eller gense oplæg fra DKCERTs nye chef, Galina Ianchina, fra årets DeiC Konference.