Recommendations for the Most Effective Baseline Phishing Test
Why Should the Test Be Blind?
It’s believed you will get the most accurate measure of your organisation’s vulnerability to phishing attacks by not announcing the baseline assessment to anyone other than your stakeholders. If this were a real phishing attack that made it through your email filters, you’ll see how many employees would actually fall for it. Brace yourselves, this can be a scary number sometimes!
To Prevent Help Desk Overload, Phish Your IT Team First!
Another option you may want to consider is to send two baseline assessments: one to your IT/Help Desk department first, and then a separate one to the rest of your employees afterward. This way, when the rest of your employees begin reporting the suspicious email, your Help Desk employees will be aware of the situation but will also have had the chance to participate in the baseline assessment. In addition, this is a great way to ensure you’ve whitelisted our mail servers effectively, and that your baseline test will reach everyone’s inbox.
Recommended Settings for Baseline Test
You can set up your baseline phishing test beneath the Phishing tab of your console by clicking the “+Create Campaign” button.
The recommended settings for an effective baseline test are below:
For more information and general guidance on our products & services, please contact us.
Require further support?
Search all Knowledgebase articles
Send a Support Request to The Idency Support Team