Proofpoint Security Awareness Training eNewsletter

Rebranding CyberStrength and ThreatSim Assessments

Improved Speed when Setting Up Phishing Simulations (formerly ThreatSim)

Organizations with a large user population will soon be able to more quickly set up phishing simulation campaigns. You will not have to wait for the soon-deprecated blue loading bar seen when loading the phishing simulation part of our platform.

Multinational Language Support

For Administrators: The platform console has been translated and localized into Japanese. This is the first of our planned platform console translations, and more information will be upcoming about other translation/localization initiatives in other languages.

For Users: In the event that a user never manually set their Platform language preference, the system will check their browser language setting upon login. If the browser language is set to a value other than English, the “Choose Your Language” window displays so that a Platform language preference can be set.

New SCORM File Type: Tin Can (xAPI)

If you use a Learning Management System (LMS)instead of our Security Education Platform, we’ve made delivering the content more flexible for these new formats. We now support Tin Can in addition to continuing to support SCORM Version 1.2 and SCORM Version 2004.

Improved Security for PhishAlarm Email Reporting for Outlook

If your organization uses our PhishAlarm for Outlook COM (thick client) plug-in, we’ve improved security by replacing the email communication for scoring messages using SMTP to a RESTful API. This means users who report a message will not see the email in their “Sent” folder, rather the email will go directly to be scored and sandboxed for a disposition. This functionality is already available for the PhishAlarm for Exchange Add-In.

To setup this updated version, go to the PhishAlarm > Add-in Setup > Install tab and click the Download button under PhishAlarm.

Content Updates

We have numerous updates for you to consider this month. This includes new interactive modules for Industrial Control Systems (ICS), and for ‘Vishing’ that covers voice phishing attacks. Plus, a new attack spotlight “Video Conferencing Scams” that includes a campaign with posters and communications. Finally, we have (20) assets that were updated - a revised GDPR Overview interactive training module and (19) training videos updated for diversity to improve inclusiveness and representation of global workforces:

• “ICS: An Introduction” – An Industrial Control System (ICS) network operates and automates industrial processes and leverages hardware and software to monitor real-world industrial environments. This training provides an overview of industrial control systems—also known as process control systems (PCS)—and the challenges of securing these environments.

• “Vishing” – Vishing is essentially criminal phone fraud. Vishing attacks, a type of social engineering, can happen in both your personal and professional lives. This module provides guidance on how to identify and recognize the signs of a vishing phone call.

• “Attack Spotligt: Video Conference Scams” – With so many people working remotely due to the COVID-19 pandemic video teleconferencing services have become essential for meetings and collaboration. This has created an opportunity for cyber attackers. The attack spotlight campaign on video conferencing will help educate your users on how to spot and avoid these deceptions.

• Avoiding Dangerous Attachments
• Avoiding Dangerous Links
• Business Email Compromise
• Data Entry Phishing
• Insider Threat Overview
• Introduction to Phishing
• Mitigating Compromised Devices
• Mobile App Security
• Physical Security
• PII Fundamentals
• PIN and Password Protection
• Protecting Against Ransomware
• Safe Social Networks
• Safer Web Browsing
• Security Essentials
• Social Engineering
• Travel Security
• USB Device Safety
• Workplace Security in Action