Cyber Guru Phishing, thanks to its exclusive and innovative Machine Learning model specifically designed for training and education, is able to offer a personalized, adaptive, and most importantly, automatic approach that makes training much more effective and practical for dealing with new cyber attack techniques.
Cyber Guru Phishing covers the most commonly used channels by attackers—email and SMS—with its simulation capabilities. However, today this may not be enough. To train users on different cyber attack techniques, Cyber Guru offers the PhishPro add-on, which extends Cyber Guru Phishing’s attack simulations to two digital components that are particularly attractive to cyber criminals: USB drives and QR codes. The Add-On also provides adaptive anti-phishing training with the Adaptive Learning Remediation feature.
USB Attack Simulation Feature
By using this specific type of simulation, you can expand training to teach staff how to use USB devices safely and responsibly.
The USB attack extension allows supervisors to:
Create a USB drive containing a Microsoft Word file with the attack simulation.
Access a report, available in the Remediation Dashboard and updated every time the Word file is opened, showing how many times the file has been opened.
Analyze how many users, in addition to inserting the USB drive into their device, also agreed to run the Word macro—an action that is particularly dangerous for security and would expose the organization to an additional level of cyber risk.
To ensure compliance with regulations and the most common organizational security policies, the produced USB drive does not perform any low-level automatic actions on the computer it is inserted into. Every action must be initiated by the user and does not make any changes to the computer’s applications.
The USB devices (USB drives) are not included and must be provided by the organization.
QR Code Attack Simulation Feature
The use of QR codes has grown significantly in recent years and, as often happens, every new technology leads to new types of attacks that exploit users’ lack of awareness. By using this specific type of simulation, you can expand training to teach staff about the risks that may be hidden behind a malicious QR code.
The QR code attack extension allows you to create simulation campaigns organized as follows:
Supervisors can create QR codes with the attack simulation, print them, and distribute them within the organization.
Users who scan the code and agree to open the link in the QR code will be redirected to a dedicated landing page where they will be asked to provide sensitive information, such as their name and email address.
Each scanned QR code will be tracked in a report available in the Remediation Dashboard, showing how many QR codes have been scanned and who has submitted the requested information.
Collecting information entered by the user is optional, and enabling or disabling this feature does not affect the educational value of notifying the user about the potential danger of their action.
Adaptive Remediation Training
The CGP simulation platform is designed to provide users with frequent prompts to help them become more aware and skilled at recognizing real attacks. However, some users seem particularly “resistant” to training. To address this, Cyber Guru has developed the adaptive remediation training feature.
This feature allows for targeted and personalized training actions for users who need dedicated educational content focused on recognizing the specific threat they fell victim to.
The management of remediation training actions is guided by the platform itself. Supervisors can assign dedicated training content to users identified as “at risk” or who meet similar criteria, providing specific training aimed at recognizing phishing threats.
Users will receive an email notification inviting them to complete the assigned training modules, or they can find the same modules directly in their dedicated section, which they normally use to follow Cyber Guru Awareness training paths.
Supervisors have access to dedicated reporting within the platform, providing evidence of user participation and their progress status.