We hope all of our Canadian readers had a happy Canada Day! As you settle back in from what was hopefully a relaxing day off, let's take a moment to talk about everyone's favorite topic: Phishing, or more specifically, Canadian Phishing!
It's no surprise that phishing attacks work better when they feel familiar. So, if you want your simulated phishing campaigns to be successful, you need to follow that same playbook.
The goal of simulated phishing campaigns is to identify risk in a safe and controlled environment, so you can coach learners to avoid compromise before they see the real thing. But that only works when the user actually engages with the email. The key to driving that engagement is to use a convincing "lure," the part of the email that catches the user's attention and gets them to engage. This is where familiarity plays such an important role: users are more likely to engage with emails involving things they already know.
Attackers know this and they're using it to their advantage. Instead of building run-of-the-mill, generic lures, AI has enabled them to create hyper-relevant emails at scale. They can now target your users, regardless of where they are in the world, with emails that look like the familiar businesses and organizations they see on a daily basis.
In an effort to make Managed Phishing more effective for our learners around the globe, we're expanding our localized Managed Phishing campaigns (which include the US, UK, and Australia) to Canada!
Starting today, Huntress Managed SAT will begin delivering phishing simulations tailored for learners in Canada.
Figure 1: Managed Phishing will now include more relevant scenarios for Canadian learners.
With Localized Managed Phishing for Canadian learners, Huntress Managed SAT will now send English-language phishing simulations built around Canada-relevant brands and scenarios. That can include examples tied to names Canadian learners know well, like Tim Hortons or Interac, instead of relying only on U.S.-centric references.
Global threats aren't going anywhere. Users will still receive scenarios that reflect growing trends or emerging threats whose impact is felt on a global scale, like our ClickFix or Fake Zoom Deepfake scenarios.
Figure 2: Deepfake phishing is a tactic our SOC is seeing in the wild. This scenario includes a fake conference call with a deepfake attendee. The compromising action is to download a malicious package disguised as a driver update.
While phishing becomes more targeted, more convincing, and more local, your security awareness training needs to keep up. By bringing Localized Managed Phishing to Canada, your learners get training that feels more relevant and more effective against the threats they actually face.
If you have learners based in Canada, enroll them in Managed Phishing to build your resilience against phishing, without taking on the work of building and managing it yourself.