Speaker
Description
At CESNET, we develop Phishingator software, which we use to train users in phishing and social engineering. Phishingator allows to prepare and automatically send phishing training emails to selected recipients on a defined date and time and then monitor users activities. Sent phishing emails contain a link to fraudulent training websites created in Phishingator. Users are automatically monitored on how they react and what they fill in a form on a fraudulent website. Phishingator then checks whether the credentials entered are valid or not. Collected data about user activities is used to generate statistics and detailed tables for administrator of organization. The goal of Phishingator is to educate users, so if a user fills in valid login credentials to a fraudulent site, an educational page will be displayed. Educational page contains sent phishing training email and phishing website together with a list of indicators of phishing. Users can educate themselves based on these indicators of phishing emails on educational page so that they can recognize phishing in the future. Phishingator has already been deployed at CESNET and at several Czech universities and other organizations.