New Intel Security tool aims to encourage phishing conversation

David Bull, director of product marketing at Intel Security


Last month, the story of the CRA’s test of its own phishing vulnerability brought home to many Canadian businesses just what can be at stake if employees don’t know the telltale signs of a phishing attack.

For those who may have missed it, in May, the CRA revealed that it had sent around a mockup phishing e-mail to its employees. It used the same tactics used by real phishers. The CRA had warned its people months before that it would be doing such a test at some point in the future. More than three quarters of employees who received the e-mail did not click on the faux-malicious content.

But that means that nearly 3,500 CRA employees had just potentially given away the keys to the kingdom by clicking on an e-mail. At the organization responsible for collecting all of the Canadian government’s revenues.

It’s not a surprise, but it is sobering, and it shows the need for education when it comes to phishing in the enterprise.

If the CRA’s news didn’t provide enough ammunition for solution providers to start a discussion with customers about phishing and the education and technology to remediate the risk of phishing, Intel Security is providing another conversation starter.

As part of its new Microsoft Office 365 Channel Kit, Intel Security is providing channel partners the ability to do a customized test of their customers’ employees’ phishing awareness, and provide back a report on just what the customer needs to know. David Bull, director of product marketing at Intel Security, said it’s a conversation solution providers need to be having.

“E-mail security isn’t necessarily a sexy topic, but it’s the number-one vector that people utilize to suck information out or stuff something bad in,” Bull said. “The security tools are good at things like malicious attachments, so a lot of times, phishing is the way in.”

The Web-based tool allows partners to get segregated reporting for a customer based on a unique URL they produce for the same phishing knowledge quiz Intel Security has been running for a year now at mcafee.com/phishingquiz. The quiz walks employees through ten e-mail messages, asking whether each appears to be legitimate or a phishing attempt. At the end of the quiz, it tells them their score, and helps explain some of the false negatives they reported, identifying what about the e-mail should have clued them in that it was not legit. The tool asks for a limited amount of information about the recipient – the country they live in, the size of their company, and the department type within the company.

The reporting engine for solution providers presents back a report – customizable with the solution provider’s name and logo appearing alongside Intel Security’s – that shows the customer how they did as an organization, by respondents within a given country, and by department. Bull said there are some consistent department-by-department results, and accounting and HR – two departments with the most sensitive data to lose to would-be attackers – almost universally fare poorly on the quiz.

Sample results for a partner report based on Intel Security's phishing quiz.


The intention is to provide a tool that starts a security education conversation, although Intel Security would not mind if its partners manage to sell a few extra e-mail protection SKUs as a result. Bull said the timing is right because the mass move towards the cloud – and Office 365 in particular – is also helping to encourage the conversation.

“Office 365 is pushing people to the cloud, and e-mail is often the function they move first,” Bull said. “So many organizations are looking at migrating or have migrated, and what’s happening is that organizations used to having an enterprise security tool are second-guessing themselves, thinking they may need to bolster their security stance.”

Since its debut last year, McAfee’s phishing quiz has been taken some 100,000 times, Bull reported. But he expects that number “to explode” now that it’s become a tool in the company’s partners’ hands.

“What we’ve done so far is really just make it available to individuals. But the unique URL and the ability for partners to get a useful report back, that really allows us to scale,” he said.