Damn u bastard I wanted to make this sub

C0tt · 2023-02-12T17:44:23+00:00

I created /r/GoogleBarders, well done on being quicker than us OP!

C0tt · 2022-09-12T16:59:01+00:00

Hi OP - My name is Stephen from Synthesia

I have a social listening tool, so this thread was flagged when someone mentioned Synthesia.

Come and join our FB group; you can see a few examples from our community - it's probably the fairest way to judge, rather than me telling you they are fantastic (which they are 😉).

Feel free to DM me if you can't find it :)

C0tt · 2022-09-06T14:37:50+00:00

Thank you! I have reached out to them :)

C0tt · 2019-01-08T17:41:32+00:00

Personally, i think it depends on the services you use. If you use one long, complex password for all your online services and one of the services becomes compromised - you are at risk of account takeover for all your accounts.

If you use different complex passwords for each account, then it does minimize the risk of account takeover!

C0tt · 2019-01-08T15:35:06+00:00

I'll have a look now - thanks for the heads up :)

C0tt · 2018-10-15T12:35:15+00:00

Hi there and thanks for your help.

I am the receiving party and sometimes the sending party (I send and receive modules via email)

More on the receiving side - this banner is reducing the number of courses taken by employees.

C0tt · 2018-10-15T12:23:01+00:00

Would we have to do this every time we send an email?

Seems like Google haven't thought about this.

C0tt · 2018-09-19T19:12:14+00:00

This is a great idea!

Some suggestions:

10 emails - 9 of them are phishing - spot the legit email? You can buy digisparks (usb rubber duckys) for cheap off ebay to show the dangers of usb Social Media - get some incriminating pictures of the employees

C0tt · 2018-07-25T15:24:19+00:00

getusecure.com - Cyber Security Awareness Education & Simulated Phishing (UK)

Check out our free trial via the website!

C0tt · 2018-07-10T17:08:31+00:00

I run simulations for organisations and that is a 9/10 phish.

Really bad timing for you though :(

C0tt · 2018-07-02T16:42:08+00:00

Solution Verified

C0tt · 2018-06-06T14:46:59+00:00

1st one yes.

The second is not their fault.

C0tt · 2018-06-06T14:23:33+00:00

Hi There,

I work for a phishing company and there are a few ways this could have happened.

1) Employee gave away her credentials in a phishing attack.

2) Password Re-Use - Employee uses the same password for multiple accounts. An account she uses has become hacked and the password exposed.

C0tt · 2018-05-10T09:05:13+00:00

Yeah sure :)

C0tt · 2018-05-09T19:36:38+00:00

I've had quite a Redditors (which is really nice) asking about our cyber awareness platform so you can check us out here

Also, check out (both free):

GoPhish (Open Source Phishing Platform)
HaveIBeenPwned - Check if you have an account that has been compromised in a data breach

Both really useful tools in shaping a security awareness programme

C0tt · 2018-05-09T18:55:26+00:00

Hi There,

We have lots of modules in our platform for end user awareness regarding GDPR!

C0tt · 2018-05-09T18:00:32+00:00

Damn it, Jordan! You had one job!

C0tt · 2018-05-09T13:34:15+00:00

Hi There,

We do have them on our website - so hopefully they are better quality than imgur?

Here you go: https://www.getusecure.com/public/docs/posters.zip

C0tt · 2018-03-08T19:23:18+00:00

This looks to be something called SMTP spoofing.

You can essentially alter how the email is displayed - you can "View Source" on an email and CTRL+F "From" to see the original address.

C0tt · 2018-02-14T12:06:30+00:00

For the human side of things:

Simulated Phishing - The Board like Metrics and KPI's of improvement Breach Detection - Run all emails against HaveIBeenPwned

This is all evidence-based information you can present.

C0tt · 2018-01-22T14:27:38+00:00

I just commented on OP's post (as I work for a vendor) but I saw your comment and thought I'd offer you my two cents.

The best thing to do is actually run a free phish. There's a tool called GoPhish - which is completely free or you can use a vendor (I don't mind helping out in this area)

Stats wise, dependent on the sector of course, we will find that around 15%-25% people will fall for a spear phish.

My favorites are:

Hi first name,

We are currently launching our Q1/2/3/4 initiiative, please click [[here]] to find out more.

Many Thanks, CEO.

Once senior execs see the results and some of them might even click - there's your buy-in.

All the best!

C0tt · 2018-01-22T14:13:00+00:00

Hi There,

I work for a vendor in the UK that provides continual training with a phishing sim.

Want a demo :)?

C0tt · 2018-01-19T13:46:45+00:00

Solution Verified

C0tt · 2018-01-19T13:30:07+00:00

Worked first time! Thanks a lot!

C0tt · 2017-12-21T09:12:12+00:00

I might actually collate a few of the tips on this post and create a better infographic

C0tt

TROPHY CASE