Anti-phishing program

Phishing can take many forms and be delivered through various channels, including emails, SMS, iMessage, social media posts, instant messages, webinar links, and more.

• Training and workshops are impactful in raising awareness but are best accompanied by periodic drills and simulation tests.

• Risk scores are calculated per employee to help identify the individual who ignores suspicious format and fails to recognise phishing links during the drill and simulation test.

• These individuals will be given tailored training material to revise.

• The program can be tailored concerning the trickiness of phishing and tailored to the company's business activities to give real context. For example, if a marketing campaign is under planning, the phishing links can embed special words or pictures to reflect the context.

• This program should be run once a month or quarterly, depending on the level of vigilantity required against potential phishing.