As working remotely is more predominant, ensuring your end-users are working securely is more important than ever.
Few months ago, Microsoft has partnered with Terranova Security to provide end-users training kits for Office 365 customers (see https://t.co/whbjd68YIF).
Well, this partnership is now delivering attack simulation scenarios to help maintain/improve your end-uses awareness. This is similar to the attack simulation introduced in 2019 (see https://t.co/0trhQugiLW) but the scenarios are a little bit different and trainings are associated with the simulation.
You can launch one of the 4 scenarios available:
- Credential Harvest which consist of using a link in a message to direct the end-user to a fake/malicious website in order to obtain their credentials
- Malware attachment
- Link in attachment, similar to credential harvest but the link is inside an attachment
- Link to malware
These scenarios are harmless and will help you to re enforce security messaging based on the simulation results.
To launch one of these simulation, connect to your Office 365 Security Center (https://security.microsoft.com/) and access the Attack simulator blade
Then access the Simulations tab to launch one of the scenario
![image_thumb[1]](https://www.cubesys.com.au/wp-content/uploads/2020/09/image_thumb1-253.png "image_thumb[1]")
![image_thumb[2]](https://www.cubesys.com.au/wp-content/uploads/2020/09/image_thumb2-195.png "image_thumb[2]")
When creating the simulation, you can use one of the many predefined payload or create your own.
For each predefined payloads, you have an estimated positive results with a sample of the payload
![image_thumb[3]](https://www.cubesys.com.au/wp-content/uploads/2020/09/image_thumb3-153.png "image_thumb[3]")
![image_thumb[4]](https://www.cubesys.com.au/wp-content/uploads/2020/09/image_thumb4-121.png "image_thumb[4]")
Then you can target either specific users or all users within your organization
![image_thumb[5]](https://www.cubesys.com.au/wp-content/uploads/2020/09/image_thumb5-78.png "image_thumb[5]")
Then you assign the corresponding training to end-users which are executing the bad actions with a custom message associated with it
![image_thumb[6]](https://www.cubesys.com.au/wp-content/uploads/2020/09/image_thumb6-62.png "image_thumb[6]")
![image_thumb[8]](https://www.cubesys.com.au/wp-content/uploads/2020/09/image_thumb8-37.png "image_thumb[8]")
Finally you can defined when the simulation will be launched – either immediately after the completion or at a schedule time with the end time when the simulation will be ended and all ‘unused’ payloads will be removed from user’s mailbox
![image_thumb[9]](https://www.cubesys.com.au/wp-content/uploads/2020/09/image_thumb9-25.png "image_thumb[9]")
![image_thumb[10]](https://www.cubesys.com.au/wp-content/uploads/2020/09/image_thumb10-20.png "image_thumb[10]")
Once the simulation starts, targeted end-users will received the payload in their mailbox and you can monitor the progress of the simulation and assign training using the Overview tab
![image_thumb[11]](https://www.cubesys.com.au/wp-content/uploads/2020/09/image_thumb11-24.png "image_thumb[11]")
![image_thumb[12]](https://www.cubesys.com.au/wp-content/uploads/2020/09/image_thumb12-13.png "image_thumb[12]")