Question
I am not sure which template to use when conducting trainings with Tadrill.
Is there a guideline for the difficulty level of each template?
Answer
The following is a guideline for the difficulty level of Tadrill's email templates.
-
Difficulty: Low
Content that is unnatural as a business email
Template examples: Beer snacks, winning notification emails, Bitcoin payment, redelivery request, suspicious emails, etc. -
Difficulty: Medium
Content related to your company or the department being trained
Template examples: Stress check, login confirmation from another device, request for a group message, etc. -
Difficulty: High
Content related to your company or the department being trained, with an added sense of urgency
Template examples: OS update, request to update web conferencing system version, request for a scan against malware attacks, customer list leak, etc.
The difficulty of actual targeted attacks can be determined by the following three factors:
- Contextual relevance
- Accuracy of sender spoofing
- Presence of urgency
When creating training emails, please adjust the above factors to create content tailored to your organization.
Reference
[Tadrill] User Guide
This guide introduces the training flow and key points for designing trainings.
[Tadrill] DMI (Direct Message Injection) Settings (Microsoft 365)
[Tadrill] DMI (Direct Message Injection) Settings (Google Workspace)
By enabling the DMI feature, you can create training emails that use your company's domain registered with HENNGE as the sender.
As a countermeasure against cyberattacks known as lateral movement, you can conduct advanced trainings with highly accurate sender spoofing.