Would your employees react correctly to hacker attacks?

With a variety of more than 800 predefined, multilingual attack simulations (phishing, malware, smishing, USB attacks, etc.) you can test whether your employees are really familiar with the dangers of the Internet. LUCY provides a “safe learning environment” where employees can experience what real attacks would feel like. LUCY enables you to simulate the full threat landscape that goes beyond just simple phishing emails:

• 800+ attack templates
• Ransomware simulations
• Portable Media Attacks (USB, CD, etc.)
• Malware Simulations (Office macros, Java, etc.)
• File-Based Attacks (PDF, Audio, etc.)
• Spoofing Attacks (Website Cloner, SMS & Mail spoofing)
• …and many more

Turn your employees into human firewalls

The LUCY Mail Plugin for Gmail, Outlook & Office365 actively integrates your employees into the detection of and the fight against cyber attacks. Suspicious emails can be reported with just one click and removed from the Inbox. In the LUCY environment the emails are then analyzed and evaluated. Automatic feedback gives the user the risk score. If the suspect email is a real attack, it can be reported to the responsible provider with the Threat Mitigator.

• Report Emails with a single click
• Plug-In available for Desktop & Mobile
• Deep inspection request
• Automatic Incident Analysis
• Incident Auto Feedback
• Threat Mitigation
• Custom rule-based analysis
• Plugin customisation options
• Third party integration
• Identify attacks with common patterns
• Incident user reputation profiles
• …and many more

Image: Phishing Button:

Monitor attack statistics and eLearning progress in real-time! Track all attack simulation statistics like the number of emails that were opened, how many links were clicked, and how many attacks were successful. Measure your eLearning progress with training stats and quiz results. You can then easily export your data as CSV, API, PDF, HTML, or DOCX.

• Export Features
• Bounce and Out-of-Office Reporting
• Landing Page Time Tracking
• Comprehensive Reporting
• Comparison
• Benchmark
• Realtime Dashboard
• Business Intelligence
• Advanced Video tracking
• Multi-tenant view-only access
• Advanced Quiz tracking
• Support for anonymization and data protection

With the use of phishing simulation you now know that X% of your employees downloaded and executed an unknown file. But from a technical point of view, what kind of dangerous file types can get to the employee and how big is the risk if such a file is actually executed?

The E-mail and Internet malware protection test gives you an insight into how your mail server and web proxy handle different variations of test files. This allows you to see whether potential malicious code, such as Java files, backdoors, scripts, embedded Office Objects, etc., is detected and blocked by the filter infrastructure. Based on these results, you can then carry out targeted phishing campaigns.

To reduce the risk from malware in your environment, you need safe and effective ways to test your systems. This is where LUCY’s Malware Simulation Toolkit (LHFC) comes into play. LHFC is an advanced malware simulation suite capable of emulating various threat scenarios equivalent to many of the tools that hackers employ. The local Windows test (LHFC) will let you know if your defenses work in case an employee executes a malicious file.

Image: Malware Simulation (LHFC)

• Does your AV detect known Malware downloads?
• Is your SIEM able to trigger activities from this tool?
• Is Malware able to modify System Settings?
• Is Malware able to communicate to external servers?
• Can Malware access sensitive data on the local host or your intranet?
• What type of file types can be sent as attachments to the end user?
• What type of file types can be downloaded from a website by the user?
• Does your internet- and mail protection software detect potential malware?
• Does your internet- and mail protection software detect masked malware?
• …and many more