The Gophish Toolkit: Running a Phishing Assessment Against Your Organization to Identify Technical and Social Engineering Weak Spots

Webinar Registration

So many successful attacks begin with a phishing campaign which may be targeted at your specific organization or a broader target set. In fact, at least 1/3 of all breaches involve phishing and 94% of malware is delivered by email. Combatting such attacks is both a technical challenge that encompasses email, endpoint and network security but equally important is your user base’s susceptibility to social engineering and their awareness of phishing.

If you can stop an attack at the phishing stage, you are nipping it in the bud before it ever really gets off the ground. So, it pays to know how resilient you are on both levels.

Fortunately, there is an awesome open source toolkit, Gophish, designed to help you easily run well-designed phishing campaigns and quantify their “success”. You can choose which groups of users in your organization to target and send them to a landing page – such as a login portal and even measure your stolen credentials.

In this real training for free event we will show you how to setup Gophish and how to run a campaign in six steps:

Configuring the sending profile - the mail server
Choosing users & groups - who receives the phishes
Editing email template - the email users receive
Customizing the landing page - usually a log-in page
Launching the campaign
Monitoring the campaign results on the dashboard

We will also discuss important human factors since phishing is social engineering, things like:

How to make the phishing email compelling
Using open-source intelligence (OSINT) to craft your email – imitating the bad guys
How believable should the phish be? Is there such a thing as too good?

We will talk about varying levels of difficulty ranging from:

Free gold scam
Sales deals/coupons
Problem with account
HR policy updates
Problem with paychecks/bonus

Rapid7 is our sponsor and Rapid7’s Senior Security Consultant, Patrick Laverty, will demonstrate Gophish during this hands-on, technical real training for free session. Then a solutions engineer will briefly show you how Rapid7’s technology InsightIDR, can help protect you from phishing attacks.

Please join us for this real training for free session.

First Name:	Required
Last Name:	Required
Work Email:	Required Invalid email address
Phone:	Required
Job Title:	Required
Organization:	Required
Country:	Required
State:	Required
	Your information will be shared with the sponsor. By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor. Tweet

Upcoming Webinars

Additional Resources

User name:
Password:
	/ Forgot?
	Register

April 2024 Patch Tuesday	"Patch Tuesday - One Zero Day and Record Number of Patches! " - sponsored by LOGbinder

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2024 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.