Wombat’s newest Social Engineering Assessment is the first to change employee response to cyber attacks by simulating popular “smishing” attacks to proactively train employees.
Pittsburgh, PA – February 19, 2013 – Wombat Security Technologies (Wombat), social engineering and anti-phishing expert, today announced the release of SmishGuru™, the industry's first and only simulated attack service to target the growing problem of text message phishing, coined as "smishing." With companies struggling to address "bring your own device" (BYOD) threats attacking today's mobile workforce, SmishGuru is a powerful tool for security officers to train employees how to recognize and avoid the most subtle yet potentially harmful smishing attacks. An expansion of Wombat's family of Social Engineering Assessment products, SmishGuru helps companies mitigate BYOD risks by teaching employees to defend against popular mobile device attacks. The new offering follows in the footsteps of PhishGuru®, Wombat's award winning email phishing simulation service, which is recognized for its ease-of-use and proven effectiveness.
"As more companies embrace BYOD policies to empower employee productivity, cyber criminals will seek new ways to trick people into providing sensitive information making text message phishing or "smishing" one of several attack vectors on smart phones," said Paula Musich, principal analyst for enterprise security at Current Analysis. "Text messages, like email messages, can be used to spread malware, phishing scams and other threats among mobile device users."
While the mobile workforce is clamoring for the use of their personal devices at work, BYOD and uneducated users represent the perfect recipe for corporate security breaches. A study from Nielsen shows that 67% of new mobile phone purchases are smartphones; yet while they are embracing mobile conveniences like texting and geo location applications, surveys show they are careless about security. A recent RSA study revealed people are more likely to fall for phishing attacks on mobile devices than on PCs. As a result, cyber-attacks on mobile phones rose by a factor of six last year, according to Intel, while a recent report by Lookout Security predicts that 4 out of 10 mobile users will click an unsafe link on their smartphone.
"We've already seen the rise of successful smishing attacks and all predictions point to increases in the future," said Joe Ferrara, President and CEO of Wombat. "SmishGuru is part of a holistic approach to security awareness and training that leverages our combination of simulated attacks and highly interactive employee training to help companies protect against the latest breeds of malware and spyware used to infect corporate networks and steal valuable data."
How it Works
Similar to Wombat's PhishGuru and USBGuru solutions, security officers can select and customize the type of attack they want to send and they can select and customize the training the employee will receive if they fall for the simulated attack. Data from SmishGuru provides security officers with detailed data from each attack campaign. Employees can easily be grouped and assigned additional training in the areas they need it most. By assessing and training employees throughout the year, Wombat's new SmishGuru attack simulation service enables security officers to:
- Mitigate the risk their organization faces due to the use of smartphones
- Protect corporate networks from Malware, Spyware and other malicious software
- Understand which employees are most susceptible and target them with additional training
- Provide a unique teachable moment that teaches employees at the point of failure
- Increase acceptance of security awareness training
Wombat's proven simulated attack methodology has shown success in significantly reducing employee susceptibility while simultaneously providing motivation for employees to take more in-depth training.
Ferrara continued, "Wombat also provides complementary software training modules that can be used in conjunction with SmishGuru providing a holistic approach to BYOD threats. Combining simulated smishing attacks with interactive training modules that teach employees about social engineering, smishing attacks, malicious URLs and smartphone security ensures that employees will be better prepared when using their smartphones."
About Wombat Security Technologies
Wombat Security Technologies helps organizations combat cyber security threats with uniquely effective software-based training solutions for employees. Wombat offers fully automated, highly scalable software-based training solutions, built on learning science principles. They offer mock attacks with brief embedded training, as well as a full complement of 10-minute software training modules. Wombat's training solutions have been shown to reduce employee susceptibility to attack over 80%. Wombat is helping Fortune 1000 customers, large government agencies and small to medium businesses in segments such as finance, banking, higher education, retail, technology, energy, insurance, and consumer packaged goods strengthen their cyber security defenses. For more information visit www.wombatsecurity.com or contact Lorraine Kauffman-Hall at 704-882-0443 or firstname.lastname@example.org.