Register for LUCY's Spear Phishing and Malware Setup Webinar on April 11th 2017


Current phishing attacks are becoming more sophisticated and personal. Our experience has shown that employees who receive appropriate training and phishing simulations deal better with such threats, which can significantly increase the company’s security.

Join our webinar and experience live how to set up, implement and evaluate a personalized spear phishing campaign in LUCY, for training purposes. Meet the LUCY founder, Oliver Münchow, and learn how to:

  • Create a file-based phishing scenario, using pre-defined templates.
  • Configure the phishing mails so that they look like the company’s internal emails
  • Configure and integrate harmless Trojans (Malware) into the file-based scenario
  • Set a default behavior of the Trojan
  • Start, monitor and finalize the campaign
  • Analyze the results of the Spear Phishing campaign

Oliver will also answer selected questions from the participants at the webinar. Register below!

Registration Form: Setting up a spear-phishing simulation with the appropriate malware

Tuesday, 11th April 11.00 – 11.30 EST (17:00 – 17:30 CEST)

 


The ultimate Phishing Tool and even more – LUCY V 3.3 out now!

A completely redeveloped PhishButton, reports in Microsoft Word format, improved learning management system (LMS) functionalities: LUCY has become the ultimate Phishing Tool (and even more)! And it’s still free for up to 50 users! Download it now.

New Version: The Phishing Tool and its training functionalities

Again, we put a lot of effort into our baby. With the feedback from our customers, we improved many existing features. Here’s the list:

Completely new Outlook Plugin / Phish Button: Starting with LUCY 3.3, the plugin is a signed MSI file and programmed as a C++/COM object. The loading time of the plugin is around 10 milliseconds.

Reports in Microsoft Word format (docx): Within each campaign you will find a button that allows you to create a PDF, HTML or raw CSV report and, now in version 3.3, a Word report based on a predefined *.docx template report format.

New CSV reports: Export the insights you got in raw CSV format.

Embedded Java exploit: The JavaExploiter is a signed applet that will execute one or multiple commands and report back to LUCY.

Recipient stats page improvement: http://www.lucysecurity.com/PS/doc/dokuwiki/doku.php?id=monitor_a_campaign_statistics#see_advanced_recipient_statistics

Alternative dashboard views & actions: You can select different default views for your dashboard, and starting with LUCY 3.3 you can export the dashboard info (overall stats, campaign names etc.).

Ability to reschedule awareness training: Starting with LUCY 3.3, the recipient will be able to reschedule an awareness training.


Comparison improvement: Starting with LUCY 3.3, you have advanced comparison statistics that also allow you to perform trend analysis.

Scheduling improvement (time zones): Now you have the ability to create scheduling rules based on different time zones. If you specify a longer time range, you can also ensure that mails are not sent out on weekends by selecting the corresponding checkbox.

Victim reminder: The victim reminder is a new feature that can be configured within a campaign. It allows the administrator to define that recipients who did not click on a link, did not start a training or did not finish a training get a reminder message sent after X days (to be specified).

Automated awareness link delay (LMS): Now you can set a delay for the automated awareness email. This setting will ensure that people within the same office will not all be informed immediately that a phishing simulation took place.

Recipient list custom fields: You can create custom recipient fields now. You can add any new recipient attribute you want (e.g. city, gender, education etc.). Those attributes can be used for customized statistics in LUCY (dashboard filters or raw exports).

Linking a custom Wiki / optional manual view: By default, the LUCY admin or view-only user will have access to the LUCY WIKI. If you don’t want to expose the WIKI, or want to create your own web-based manual with your corporate design, you can go to the advanced settings and define a link to your manual.

Even more new or improved Features in LUCY V 3.3 – The ultimate Phishing Tool:

  • Ability to install all available patches at once
  • Improved charts in reports
  • Time-based variables in message templates
  • Website copying improvement
  • Campaign recipients page improvement
  • Victim side optimizations
  • License purchase improvement
  • Improved statistics
  • Campaign blocking improvements
  • Benchmark statistics improvement
  • Ability to detect clients behind proxy
  • Awareness scheduler improvement
  • Possibility to rename fields in report
  • Timeline improvements
  • Closed JS files from unauthenticated access
  • Setup tool improvement
  • Optional custom 404 for domains
  • OpenDKIM improvements
  • Optional Let’s Encrypt domain check
  • IDN improvements
  • Limited view account
  • Menu adjustments

Upgrade now to the ultimate Phishing Tool (and it’s even more)! Or download below:

Robert Bosch uses LUCY for Phishing Simulations

Customer Story – Experiences with the use of the LUCY Phishing Awareness Training Server at Robert Bosch

An interview with Patrick Zeller, Senior Manager Enterprise Security, Robert Bosch LLC.

March 2017 – “Bosch” is one of LUCY Security’s first major customers. Thanks to its support, the LUCY Phishing and Awareness Training Server was able to develop rapidly. At the beginning of the year 2017, we interviewed Mr. Zeller on the use of and experiences with the products.

Mr. Zeller, how and to what extent does Robert Bosch use the LUCY server?

Patrick Zeller: We use Lucy to educate our employees around the world, on the dangers and risks of phishing and to raise awareness about this. Our employees are given the opportunity to gain experience on this topic, within a safe environment.

And since when has the product been used by Bosch? Can you tell us something about the volume of the already-conducted campaigns?

P.Z.: After an initial evaluation in autumn 2015, we have been using the LUCY Phishing Awareness Training Server since spring 2016. We have conducted various campaigns in more than 10 different languages, with up to 300,000 recipients. Also, since the end of 2016 we have been using the new function of “USB phishing”.

Can you now say something on the benefits of the phishing simulations; has the awareness against cyber risks actually increased among the employees?

We have not yet performed enough campaigns to have proving evidence, with regard to the “click-through rates”. We expect the first KPIs by the middle of the year. However, the feedback of our employees on the respective campaigns is very positive. What we can say with certainty is that we have noticed a significant increase in the notification rates / reports on phishing emails to our internal CERT, as a result of the phishing campaigns carried out so far. This indicates an increasing general awareness of our employees.

Do you remember the incidents; have there been fewer breaches, infections, or something similar?

These are internal data on which I unfortunately cannot comment. However, since security has always been a top priority for Bosch, we have traditionally been very well positioned here. We see the topic “Security Awareness Phishing” as a complementary tool and measure in our IT security portfolio.

Thank you, Mr. Zeller. Let’s now get to the product itself: why did Robert Bosch GmbH opt for LUCY?

In addition to its excellent price / performance ratio, the decisive factor was the fact that we could completely run the LUCY Phishing Awareness Training Server in-house or on-premise. This is important to us, as it ensures that no sensitive data from our employees leaves the company. Overall, this equally helped us to obtain approval from our works council, since we could convincingly demonstrate and ensure that no employees are monitored. LUCY gives us the flexibility to individually design campaigns and to execute them completely anonymously. It is our goal to train our employees and not to carry out performance checks on them!

And how were the experiences so far?

Overall, it is very positive; as such, we’ve decided to continue with the LUCY Phishing Awareness Training Server. We appreciate the close contact with LUCY’s developers, who can directly support us in case of problems and who are always open for new feature requests. With the version 2.x, we had some performance issues at the beginning, but since the version 3.0, the product has significantly matured and it runs reliably. Unfortunately, the report generator can only be used to a limited extent, because we have very specific requirements, which is due to the size and complexity of our organization. Fortunately however, we can solve this by exporting the results, which we then appropriately prepare for ourselves, through our database applications.

Can you tell us about your favorite features or templates and how are you satisfied with the product?

To be honest, we rarely used pre-made templates in the past. We have too much fun in implementing our own ideas. In general, LUCY’s flexibility is certainly a feature which we greatly appreciate. Also, the “Randomized Phishing” and the “Double Barrel Attacks[1]” are among our favorite features, since they are very efficient and easy to configure. Currently we are looking at the new Phishing Incident Plugin for Microsoft Outlook (Note: Phishing alert button). Overall I can say that LUCY is a very efficient tool for my team, for creating awareness amongst our employees and it meets all our requirements!

Thank you very much for this interview, Mr. Zeller.

[1] In a double barrel attack, the system first sends the user a lure email with a teaser text. The system then waits for some time, before the actual phishing email is sent to the user.

About the LUCY Phishing Awareness Training Server

The LUCY Phishing Awareness Training Server is used for the simulation of technical social engineering attacks and is universally applicable, from SMEs (Small and Medium size Enterprises) right up to large customers. The product can be installed locally at the customer’s location; a cloud variant is also available. The Swiss solution provides dozens of preconfigured phishing templates and training modules, which can be used independently by the end user. Through the “Phishing Incident Plugin” for Microsoft Outlook, the user can quickly raise an alert in the event of an attack, which reduces the work the security team puts into analyzing the threat.

For further information please contact LUCY Security at +41 44 557 19 37 or at http://www.lucysecurity.com/contact-team/.


You want to copy an existing Website for a Social Engineering Scam? (Simulation) – We show you how it’s done

After 2 (two!) minutes you have a cloned website for your Phishing Scenario. LUCY Social Engineering Simulation Server empowers you when you set up an IT-Security Awareness Campaign [Screencast].

Advanced Phishing Simulations: Clone a Website and add your own Login Form – Do you want to create a phishing simulation and use an already existing website as a landing page? This 2 minute video quickly shows you how to create a custom landing page with the website copy feature and add a custom login form for data capture.

Just create a new scenario and select an empty Web based scenario. You can also select any other Web based scenario template for the social engineering simulation you want to customize, because the “Website Copy Feature” overwrites the default Landing Page of the template.

The steps described in the webcast are:

  1. In LUCY, create a new campaign, edit the basic settings and save it.
  2. Create a new scenario by selecting a Web based attack template (or choose an empty one), populate all mandatory fields and save it.
  3. Go to the Landing Page menu item of the scenario you just created.
  4. Push the “Copy Website” button; the ‘WebSiteCopy’ dialogue appears.
  5. Fill out the fields:
    • URL – The source website you want to copy
    • Language – This defines your language version (LUCY allows multiple languages in the same campaign)
    • File – Select the appropriate value in the poplist, e.g. index.html
  6. Push the “Start” button and the Website Copy is executed. Even really big sites can be copied. And it’s fast!
  7. After the copy is finished, use the Back button of the dialogue (not of the browser).
  8. Go into the editor, place the cursor where you want to add the login form, and push the button “Insert Login Form”.
  9. The system provides you with three predefined login forms. Select an appropriate one and press OK. If you want to modify it later on, you can do that manually.
  10. The login form appears on the landing page of your social engineering simulation / phishing scenario. Save your setup of the landing page and you’re done with it!

 

Thank you for using LUCY. If you want to see the full end-to-end process, from setting up the campaign to sending out and tracking the phishing simulation messages, then just watch the longer webcast below.

Watch the full and more detailed Scenario: Social Engineering Simulation Webcast

 

 


Phishing Reports: How to read and analyze Stats of a Ransomware Simulation or a File based Phishing Attack

How do you read the results of a Phishing Campaign containing a file attachment, or even of a Ransomware Simulation? A hands-on example explains how to get campaign insights and how to read LUCY Phishing Reports.

The initial situation and the question

You prepared a file based phishing scenario. The attachment is a Word file containing a ‘malicious’ macro. And now you want to track the results.

Say you sent 50 messages, 20 were clicked (good campaign!), you got 2 file downloads and 1 user activated the macros.

The Question: How can you list the users who downloaded the file, but didn’t activate the macros? For example, you should have a list of 2 users somewhere for this, but you can’t find it.

The Answers: Analyzing the Phishing Reports

1. Who downloaded the file and who activated the macros? You can see who clicked and who executed the file (success) in the CSV export, for example. Here is an example of a mixed scenario with a macro and the success condition set to “Data Submit”. As you can see, only the last user, who downloaded AND executed the file, has a ‘success entry’. The user who only accessed the file has only a success entry at link click (column ‘clicked’):

Who clicked on the File Link? Who even activated the Word Macro in the File - Analyzing Campaign Reports generated by LUCY Anti-Phishing Server

2. Download summaries are visible in overall stats:

Summary Report on the number of people who downloaded an attachment from a LUCY Phishing Simulation / Attack

3. See in detail who downloaded what and whether the attack was successful: If you want to see in detail who downloaded a file, you can sort the phishing report list by a variable that only appears if the user accessed the webpage (e.g. plugins). You can then see in the details whether the user downloaded the file and executed the file (= the check mark at “Successful Attack”)…

details if the user downloaded the file and executed the file. This is a success event of a file based phishing simulation

…or only accessed the link, downloaded the file, but did not execute the file (no success check mark):

A user downloaded the file but he didn't activate the word macro. This means that this particular phishing attack was not successful. Success Checkmark is empty - Antiphishing Simulation with LUCY Server

5. Alternative: Analyze the data transmitted back to LUCY – Another possibility to track only users who executed the simulation is to look under “Collected Data”. An event such as a user clicking a link or file is reported back to LUCY:

When a user clicks on a link or a file, this information is sent back to the LUCY Phishing Server and is available for further analysis under the menu "Collected Data"

Happy Reporting with LUCY Anti-Phishing and Awareness Training Server!

LUCY is Winner of the Cyber Security Excellence Awards 2017 - Category Awareness Platform

Yes! – LUCY won its Second Award!

After the Info Security Products Guide Gold Winner 2016, we won our second prize! LUCY got the “Cybersecurity Excellence Award 2017” in the category “Awareness Platform”. We’re proud of it!


We’ve been white hackers and IT-security auditors for 20 years. At this time, we were rather reserved in the communication to the outside. It took time for us to open up to the public. But as brand new product developers we had to do so and it helped us to participate in competitions!

So, we are looking forward to seeing more prizes in the future.

LUCY rocks!

Phishing Campaigns with hundreds of thousands of users - Robert Bosch is a LUCY Customer

Phishing Campaigns with up to 300,000 recipients – Robert Bosch LLC is a LUCY Customer

Robert Bosch – “Bosch” is one of LUCY Security’s first big corporate customers. Thanks to its support, the LUCY Anti Phishing and Awareness Training Server was able to develop rapidly.

Their Enterprise Security Team has been using LUCY since early 2016. Since then they have conducted various campaigns with up to 300,000 users and in more than 10 different languages. They also recently started to use the new function of “portable media phishing” (USB).

The company chose LUCY because of its excellent price / performance ratio and because Bosch can run the LUCY Anti-Phishing Server as a local installation (on-premise), which ensures that no sensitive data from employees leaves the company. That is also why the Enterprise Security Team quickly obtained approval from the works council: they could convincingly demonstrate that no employee monitoring takes place. The company uses LUCY on a global, corporate scale and implements specific, custom-made security awareness trainings and phishing scenarios. LUCY as a product helps a great deal in maintaining and developing this specific content.

“I can say that LUCY is a very efficient tool for my team, for creating awareness amongst our employees and it meets all our requirements!” – Patrick Zeller – Senior Manager Enterprise Security, Robert Bosch GmbH

 

New certified Phishing Simulation and Anti-Phishing Consulting Partners in America, Africa, South-East Europe and Switzerland - Certified LUCY Partners

New certified LUCY Partners in North America, Nigeria, Slovenia and Switzerland


Big Update: Awareness Training and Phishing Attack Templates 02/2017 – IT Security Training reloaded!


Report Scams Quickly and Assure Speedy Threat Analysis – Phish Button for Outlook