👋 We have several phishing updates in this release, including the introduction of AI-generated email templates. We've also squashed some bugs and made other improvements.
🐿️ Security Awareness in a Nutshell: this is Haekka's concise, 15-minute version of its flagship program "Modern Security Awareness". Perfect for time-sensitive organizations, this condensed course efficiently delivers essential security knowledge and practices. It also covers all security topics for SOC 2, ISOC27001, HIPAA and others.
🐠 New Phishing Templates: We've expanded our phishing simulator offering with the addition of more than 20 new phishing email templates, diversified into three principal categories: AI-Generated, Internal, and SaaS.
- AI-Generated: Our AI-crafted templates help your team stay vigilant against the rising menace of attackers leveraging LLMs. These innovative templates are tailored to mirror the sophisticated techniques employed by cybercriminals.
- Internal: Created by Haekka's in-house content team, these templates are designed to mimic emails originating from your organization's internal teams. They are an excellent tool for enhancing your team's ability to discern legitimate internal communication from disguised threats.
- SaaS: Designed to resemble communications from commonly utilized tools and services. These will equip your team with the necessary skills to accurately identify and handle potential threats posed by emails seemingly from third-party services.
With our expanded range of templates, we aim to provide a more comprehensive and versatile toolset for your team's cybersecurity training.
✉️ Forward Phishing Reporting: With our latest update, we're rolling out a new way to report phishing emails. While we still recommend reporting phishing simulations through Haekka's Chrome extension as the most effective method, we recognize the need for versatility. For organizations that don't use Gmail, or for those that restrict browser extensions, we've devised an alternative approach for reporting phishing attacks.
Now, administrators have the capability to assign a specific email address for users to forward potential attacks to. For instance, by designating an address like email@example.com in your phishing settings, team members can simply forward suspected phishing attacks to this address for your evaluation.
Importantly, this feature also enables a reporting functionality for users on their mobile devices, making it easier than ever to report phishing attempts on the go. This addition is part of our ongoing commitment to provide adaptable and accessible cybersecurity tools for your team.
Improvements and Fixes
- Added the ability to customize the welcome message button for an engagement
- Updated how external link actions are shown for engagements
- Fixed an issue where certain browsers threw an error loading pages when first logging in
- Certain lessons would have incorrect completion estimates
- Certain trainings would have incorrect numbered lessons when viewed from the web dashboard