In this presentation I will explain how Société Générale built his phishing awareness program.
We’ll present two of our tools we developed and published in open source (GPLv3) Swordphish and NotifySecurity (https://github.com/certsocietegenerale/swordphish-awareness & NotifySecurity).
We’ll present how we leverage these tools to improve the visibility on the malicious mails our users receive on a daily basis.
We’ll also discuss about the different fails and successes we encountered with them.
Thibaud Binetruy (CERT Société Générale)