Caught in the phishing trap? Here’s how Carconnex solved that
Carconnex, a major European B2B car importer, never expected to lose money in a cyberattack. When it did happen, it became obvious why a premium service should go hand in glove with premium phishing training for their staff. They partnered with Phished, and results were immediate.
Why Carconnex chose Phished
In the beginning, Carconnex COO Kevin Schierhout was not a believer. "I always thought we could do it better ourselves," he says. "It can't be that an external company is better at personalising phishing simulations for our employees than we are. But it turned out we were wrong: the results are there to see. The phishing rate in the company has dropped by 45%, and that is literally worth a lot of money!"
Every premium service needs security awareness
“Quality cars & premium service” has been Carconnex’ slogan for years. From the way they handle their digital data and the training of their employees, it’s obvious that they take this focus on quality and service seriously. But, what do cars have to do with data? In these digital times: a whole lot. Read on!
No data in the wrong hands
When a malicious e-mail slipped through the cracks and an employee transferred money to an unofficial bank account, Kevin Schierhout immediately realised that firm action was needed. "The phishing message claimed our supplier changed account numbers," he says, “which we believed. Fortunately, the damage was limited, but it did make us see how important it is to watch over our digital data. That too is part of a premium service. Our customers must be certain that we are a reliable party, that they can trust us with their data. This also means that every employee must learn the right reflexes.”
"By becoming a victim ourselves, we suddenly understood how important it is to watch over our digital data. That too is part of a premium service."
Data protection starts with well-trained employees
Carconnex's results exceed expectations: they sell over 8,000 cars a year to more than 500 different European customers. "That also makes us extra vulnerable," says Kevin Schierhout. "If our data is out there, we have literally lost a wealth of information. That's just a no-go. So I started looking for a solution to train our employees in security awareness. We started with an open source product that required us to make simulations manually and the results were unconvincing. Then I came into contact with Phished. And I will be honest: at first I really had my doubts. I found it hard to believe that AI-generated simulations would be good enough. Surely an AI like that doesn't know my company and my staff? But they suggested that I do a test, and it was very convincing."
From 50 to 5% with Phished
For Kevin Schierhout, the Phished solution came at just the right time. Especially because it is completely plug-and-play and you can use it right away. Maintenance is also minimal. "You would think that the quality would suffer for that," says Kevin. "But the opposite is true. The system sends better simulations than we were ever able to make. Thanks to the Phished AI, our security awareness campaigns are a lot more credible. The results support our conclusion: today less than 5% of employees fall into the phishing trap. It used to be 50%!