Subscribe to the InfoTech eNewsletter

infoTECH Feature

February 20, 2013

Wombat Security Technologies Develops Simulator to Train Employees on 'Smishing' Attacks

On Tuesday, Wombat Security Technologies announced the release of SmishGuru, a mechanism that simulates text message phishing attacks often referred to as 'smishing'. These attacks have become a growing problem in many organizations as they adopt bring your own device (BYOD) policies.

A combination of trends has created the perfect recipe for a security breach for many organizations. Two-thirds of new phone purchases are smartphones, according to a Nielsen study. An RSA (News - Alert) study shows that users are more likely to fall for a phishing attack from a smartphone than they are from a PC. This resulted in a six-fold increase in cyber-attacks in mobile phones in 2012.

SmishGuru works through a series of attack simulations launched by a security admin to employees' phones. One type of simulation could send a message to a phone with a suspicious link consistent with the behavior of an actual attack. If the user clicks the link, they get a message advising them that they should not have clicked the link. This becomes an effective teachable moment, because the user gets much of the benefit from learning by experience without suffering any damaging effects.

After a series of campaigns have been launched, results from the campaign get sent to the security admin. With this data, the admin can identify who is susceptible to future attacks and what kind of attacks they are likely to fall for. This enables security admins to customize campaigns and individualize training for each employee.

Wombat Security Technologies is based in Pittsburgh, PA and develops simulations of cyber-attacks to train organizations on how to recognize and prevent future attacks. In addition to SmishGuru, they have also developed PhishGuru for e-mail attacks and USBGuru to deal with attacks spread by USB drives.

According to Wombat, their training programs have reduced employee susceptibility to attacks by over 80 percent. If these numbers are true, then any organization facing security problems from phishing or smishing attacks would benefit tremendously from Wombat’s training programs.

Edited by Brooke Neuman

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers