If you notice in your Reporting section that your 'click rate' is high, or higher than you had expected it to be, we have some written guidance on ways to help lower it, while still keeping staff aware of the threat.
1. Run monthly phishing simulations
We recommend running phishing simulations at least monthly. At MetaCompliance, we constantly update our Phishing email templates, so you will always have fresh ones to use that are up to date with the current threats we see in real life.
Running monthly simulations will give you a clear picture of who the recurring victims are, as well as highlighting any weaknesses within your organisation. These can then be targeted with additional training.
2. Automated follow-up training to victims of phish
If your users click on a phishing simulation, you can automatically enrol them into a phishing-awareness training course by using our Phish Remediation tool. Any user who interacted with the original phishing simulation will automatically be targeted with a second phish or a course. See Phish Remediation.
3. General awareness training for all staff on new threats
The cyber security landscape is always changing with a constant stream of new threats to be aware of. Instead of recycling the same course from the year before, check out our ‘What’s New’ section so you can either make use of our newly created content which focuses on recent threats, or seek advice from your Customer Success Manager to create an impactful, relevant course.
4. Use blogs and office assets, such as screensavers and posters
The subconscious brain is a powerful tool. Using our free cyber awareness assets will help instil a change in employee behaviour and culture within the office and at home.
Our Marketing Team release a 'Scam of the Month' series which is included in our Blogs section; this helps to keep recent scams and attacks at the forefront for employees.
5. Make use of the Department Comparison Report to identify possible weaknesses
The MetaCompliance platform has an array of reporting tools to choose from. We would recommend a monthly review of your 'Departmental Comparison Report' so that you can be aware of possible weaknesses within your organisation, and also be in a position to provide your colleagues with additional support and guidance on how to spot a phish.
Related Articles:
View User Interaction on Phish
Can I Automatically Target Phish Clickers with another Phish or Course?
What Kind of Campaign Should I Run?
How Can I View if Our Organisation's Open & Click Rates Are Improving?