If you notice in your Reporting section that your 'click rate' is high, or higher than you expected it to be, we have written some guidance on ways to help lower it, while still keeping staff aware of the threat.
Run monthly phishing simulations
We recommend running phishing simulations at least monthly. At MetaCompliance, we constantly update our Phishing email templates, so you will always have fresh ones to use that are up to date with the current threats we see in real life.
Running monthly simulations will give you a clear picture of recurring victims and weaknesses within the organisation who can then be targeted with additional training.
Automated follow-up training to victims of phish
If your users click on a phishing simulation, have them automatically enrolled into a phishing-awareness training course by using our Phish Remediation tool. This will automatically target those users who interacted with the phishing simulation with a second phish or a course. See Phish Remediation
General training to all staff on new threats to be aware of
The cyber security landscape is always changing with new threats to be aware of. Instead of recycling the same course from the year before, check out our ‘What’s New’ section, so you can make use of our newly created content focusing on recent threats, or seek advice from your Customer Success Manager to create an impactful, relevant course.
Use blogs and office assets, such as screensavers and posters
The subconscious brain is a powerful tool. Using our free cyber awareness assets will help instil a change in employee behaviour and culture within the office and at home. Our Marketing Team release a 'Scam of the Month' series which is included in our Blogs section; this helps to keep recent scams and attacks at the forefront for employees.
Make use of the Department Comparison Report to identify possible weaknesses
The MetaCompliance Platform has an array of reporting tools to choose from. We would recommend a monthly review of your 'Departmental Comparison Report', so that you can be aware of possible weaknesses within the organisation, and be in a position to provide them with additional support and guidance on how to spot a phish.