How to Educate Unteachable Security Ignorants – Screenlocker Ransomware Simulation
Screenlocker Ransomware Simulation – A drastic, but sometimes necessary educational measure. Our experience shows that in repeated pentests or phishing simulations, it is always the same (single) people who download the suspicious files.
Educate Security Ignorants with the Screenlocker Ransomware Simulation
Unfortunately, one has to take rough measures, so that certain employees learn that they have to pay particular attention to foreign mails and suspicious files. That’s why we developped a special variant of our Malware Testing Toolkit: The Ransomware Screenlocker.
How do you use it? Prepare a dedicated “Spear Phishing” Campaign based on a file based scenario using the template “Technical Malware Simuation”. Create with it a highly targeted Phishing Simulation Mail for selected users. It’s up to you to decide if you want to attach the file to the e-mail message or if you want to prepare an additional landing page where the file can be downloaded. Configure the ransomware simulation file (this is the attachment, which is an exe) in LUCY: You can modify the the message text on the screen and you can choose a free password. When this is done just start the campaign. Of course you can monitor the campaign as any other phishing simulation with the LUCY phishing software.
The surprise moment is guaranteed – Our experience has shown that those caught with it get a real shock! We know, however, that the learning effect among the persons affected largely prevails over their isolated indignation or annoyance.
This scenario does not damage your PC! It’s harmless.