Something surprising happened last week. A few of our customers reported that their phish-prone percentage was going up. Up? Yes, up. Not something you normally would expect or particularly want.
So, what happened? We looked into it. Guess what.
They had started using the new Full Random feature, where each employee gets a different simulated phishing template, and also spread over time. No more warning each other not to click on phishing links. They all suddenly needed to think for themselves!
After a while, users' security awareness wears off if they get similar "alerts". It's a known phenomenon that some scientists recently gave a fancy new label: "Habituation" - and you can actually see it on an MRI machine. It shows a dramatic drop in attention when a computer user is subjected to just two security warnings in a short time. This blog post explains more.
So, we strongly recommend you start using the new Full Random feature we released last month, to counter the "habituation" and also to block the "prairie dog" effect when users pop up out of their cubicle and warn others not to click on the phishing link. This will really keep your users on their toes with security top of mind. Here is how it looks when you create a new phishing campaign:
Our internal research shows that you need to send at least one phishing campaign per month to all employees. That's the minimum to keep their awareness level high enough (and also keeps your KnowBe4 crypto-ransom guarantee in place). Happy Phishing !
PS: If you are not a KnowBe4 customer, you should find out how affordable our security awareness training is for your organization. Get a quote, the cost is a no-brainer.
