Phishy

Thomas, Jacob; Mayse, Derrck; Waters, Travis; Library Service, CECH

Student Work

Phishy Open Access Deposited

Analytics

Download PDF

Download Adobe Acrobat Reader

Date Uploaded: 02/15/2022
Date Modified: 02/15/2022

Phishy is a service intended for security administrators in order to allow them to launch several simultaneous, simulated phishing campaigns to gauge and improve the phishing awareness of employees within their organization. With our service, we want to take security awareness training to the next level. We designed Phishy to help combat the major phishing problem companies face today and to help better educate employees on the dangers of phishing. Currently, there is not an open-source platform that acts as a “one stop shop” for managing phishing campaigns and users’ phishing awareness training. Phishy fills this need by helping its users launch realistic phishing campaigns, utilizing WGET to clone websites in order to create realistic phishing situations. Along with giving users the ability to create practical phishing training for their organization, live visual and data analytics will be provided with tools such as Elasticsearch and Kibana. Since we know how busy security professionals are, it would be unlikely that each user who falls for a phishing simulation would be able to receive security training catered to what phishing tactic they fell for. Phishy has the ability to track which users are falling for which phishing scams and enroll them into specific phishing awareness training based on their interactions with the phishing simulation. Our hope is that Phishy will provide security professionals with a comprehensive tool that will allow them to better train and prepare their organization against the dangers of phishing

Creator

License