Click Armor launches gamified assessment that tests business phishing vulnerability

Corporations and public sector organizations can now assess their workforce’s exposure to dangerous phishing attacks, which are escalating as social distancing requires most employees to work from home.

Managers can now characterize the weaknesses in their staff’s ability to defend against phishing and online social engineering scams, thanks to “Can We Be Phished?”, a new, freely available online assessment from Click Armor, the Continuous Cybersecurity Awareness Platform.

Phishing is the practice of sending malicious emails, supposedly from trusted senders, to induce people to reveal sensitive information such as passwords or credit card numbers, or to launch malware attacks on computer systems.

“Organizations are increasingly worried about their exposure to phishing threats coinciding with the sudden increase in the number of employees forced to work from home due to the pandemic. Scammers take advantage of people working outside their normal, secure environments to attack businesses and spread disinformation by exploiting peoples’ anxiety about the situation,” explains Click Armor CEO Scott Wright.

“The Click Armor platform is designed to arm individuals and businesses with the skills they need to identify and defend against these kinds of threats. This unique, free corporate assessment allows organizations to quickly and easily assess their exposure, based on the team’s performance on a gamified phishing challenge.”

The Coranavirus Edition of “Can We Be Phished?” uses gamification to test and characterize a team’s cybersecurity skills. In this short challenge, each employees see several emails that may or may not be malicious, and they must review each one to assess if it is safe or suspicious. Examples of the types of messages simulated include:

• IT helpdesk staff with changing procedures
• HR managers with updates for personnel
• Pandemic advisories from health agencies
• Government news about special programs

Wright says, “People are often surprised how easily they are fooled by the platform’s realistic scenarios. They learn to be more careful in looking for real clues and risky elements. In under five minutes, individuals can learn how they can be tricked, and where they should be more careful in handling email. We provide managers with an organization-wide assessment report with aggregated indicators that can be used to focus on strengthening employee cyber defense skills.”