Global Consumer Goods Company Reduces Phishing Incident Risk

One of Hoxhunt's customers is a globally operating fast-moving consumer good (FMCG) company producing and selling consumer products such as dairy-based beverages, infant nutrition, cheese, and desserts. Through its subsidiaries, the company serves customers in many European countries, as well as in North and South America, Asia and Africa.

With office branches in more than 30 countries, our customer employs nearly 24 000 people in total and their products can be found in more than 100 countries. Having such a wide reach with employees and clients from across the globe, cybersecurity is important to the company.

The Conflict: Manually Created Phishing Training

Detecting and reacting to phishing emails was one of the main cybersecurity challenges for the company. To tackle this challenge, the customer set out to inform the employees about the dangers of phishing with an internal phishing campaign.

Initially, the security team manually created phishing email templates to send to the employees. The templates were distributed twice a year to test phishing awareness, as well as to measure how employees acted in response. Although the testing method was somewhat beneficial, this approach did not achieve a behavioral change across the organization.

In addition to the lack of effective response, the security team also found the testing method is unnecessarily time-consuming due to the manual steps in the process to create and send the phishing email templates.

As a result, the cybersecurity team started looking at options for automating the process. Rather than continuing to lose valuable hours on an inefficient security method, they were looking for a solution that would help employees recognize and respond to phishing threats in a more frequent and automated way.

The Solution: Hoxhunt's Security Engagement Training

The customer started testing Hoxhunt and the integrated automated constant learning environment for its employees. Hoxhunt's training integrated easily into the core working environment and it has been providing users with real-life threat simulations on a regular basis.

Simulation Results with Hoxhunt

With Hoxhunt’s simulations starting to reach the employees' mailboxes and the employees starting to engage in the training, the customer quickly began seeing a decline in the rate when employees clicked on phishing emails. The failure rate dropped from an initial 8% to less than 1%.

Integrating Reporting of Real Threats Into the Email Client

Before Hoxhunt, the employees had to call or email the service desk when they noticed a suspicious email. They would then be instructed to save the email as an attachment and forward it to the service desk. This practice was cumbersome for the user, leading to a low reporting rate of actual phishing emails.

With the integration of the Hoxhunt plugin into the email client, customer’s employees are one-click away from easily reporting any type of suspicious emails. When receiving a Hoxhunt generated phishing simulation email, employees are rewarded for recognizing and reporting those emails to the Hoxhunt platform. When employees receive and report an actual phishing email, the response team is notified instantly and thus they can provide the reporting employee with feedback about the threats being acknowledged. With a Hoxhunt button in every employee’s email client, the company can easily stay on top of threats while simultaneously building a strong human layer of defense.

Many of the customer’s employees gave Hoxhunt a Net Promoter Score (NPS) rating of 9 or higher. Here are three example reactions:

Employee #1

“Practical approaches with simulated phishing emails and details on how to identify and report phishing emails.”

Employee #2

"HoxHunt makes it fun to detect phishing emails, without taking too much time."

Employee #3

“It's fun to get see the dangerous emails. And you learn to spot them, that is also very handy in your private emails.”

Hoxhunt Incident Response Module

With the human layer of defense came a substantial increase in the number of reported threats which caused a work overload at the service desk. In order to reduce the workload while also maintaining the security alert functionality, the company decided to use the Hoxhunt Incident Response module. With the Incident Response module, the reported threats are grouped and categorized by priority. Using the Hoxhunt Incident Response Module solution resulted in a risk-based and acceptable security alerting on phishing incidents towards the service desk.

Furthermore, when the customer encounters a phishing attack, the cybersecurity team can utilize the Hoxhunt dashboard to grasp how big the incident is and how many people have been encountering it. This helps them to assess the threat and react to it in a timely manner.

Going Forward with Hoxhunt

Hoxhunt is providing daily phishing awareness simulations to the customer’s employees. As a result, the company is able to maintain a constant level of awareness and by this influencing employee behavior. At the same time, the solution reduces the effort of users to report actual phishing attacks to the service desk so that a more realistic picture of the phishing risk level is created.

‍