Skip to main content

Building an Intelligent, Automated Tiered Phishing System: Matching the Message Level to User Ability

Phishing campaigns and the procedures to run them have remained unchanged since the dawn of the modern era of security awareness training platforms in 2012. The present model uses templates sent at random, assigned based on the level of difficulty of the template, not the user. This study creates a new phishing model, method, and process in which the system matches the phishing message difficulty level to the user’s skill level. The new design factors the current aptitude of the user and the level of the message difficulty. The system is intelligent, automated, dynamic, and platform-agnostic to scale for the size of the enterprise. Analysis of the tiered system produced statistically significant results indicating that the system improves the user’s ability to detect phishing. The system systematically builds the user's skill level and commensurately decreases the risk of falling victim to phishing attacks. There are no other known documented systems like this that are in use at this time. The study discusses forward-looking observations on how practitioners could further enhance this new system when used with User Behavior Analytics and Risk Scoring.

sans-building-an-intelligent-automated-tiered-phishing-system-matching-the-message-level-to-user-ability (PDF, 1.27MB)

12 Jan 2022
ByGeoffrey Parker
Share
All papers are copyrighted

No re-posting of papers is permitted

Related Content

Structural Vulnerability: Autodesk Revit Server WAN Exposure Versus Cost of Autodesk Construction Cloud

Research Paper

Autodesk Revit Server, a critical collaboration tool in the architecture, engineering, and construction (AEC) industry, was designed to operate within trusted networks.

  • 7 Nov 2025
  • Joshua Hall

Privacy Protections: Are Stronger Laws Changing What We Reveal?

Research Paper

As U.S. states enact privacy laws aimed at giving consumers more control over their personal data, little is known about whether privacy legislation influences individuals’ willingness to disclose their identity on public platforms.

  • 26 Sep 2025
  • Katie Christensen

Forensic Investigation of Bluetooth-Based Credit Card Skimmers

Research Paper

Hidden Bluetooth Low Energy (BLE) credit skimmers are a growing threat to credit card fraud. Criminals can set up practical and inexpensive systems built on top of modules, such as the HM-19, to collect and transmit stolen data covertly across wireless channels.

  • 3 Sep 2025
  • John Passaro

A Pebble In the Ocean: Maximizing Log Fidelity In Container Environments

Research Paper

Log fidelity is crucial for Incident Response Teams to investigate and contain cyber incidents but can be difficult to optimize in containerized environments.

  • 17 Apr 2025
  • Zach Salva

Unveiling the Dependency on Network Telemetry: Optimizing Lateral Movement Detection

Research Paper

This study investigates the dependency on network and endpoint telemetry for identifying lateral movement attacks, focusing on the Remote Services technique from MITRE ATT&CK.

  • 17 Jan 2025
  • Kyu Jin Therrien

Beyond Detection: Using Real Phishing Data to Gauge Security Training Program Success

Research Paper

This paper defines one method of network security monitoring in an organization to find these existing indicators.

  • 7 Jan 2025
  • Cory Keller

Revolutionizing Enterprise Security: The Exciting Future of Passkeys Beyond Passwords

Research Paper

As digital threats grow increasingly sophisticated, traditional password-based authentication systems are proving inadequate, leaving enterprises vulnerable to phishing, credential stuffing, and other cyberattacks.

  • 23 Dec 2024
  • Rich Greene

Protecting the Poor: A Deep Dive into EBT Skimming and Solutions to Combat It

Research Paper

This paper examines why EBT cards are vulnerable to skimming and explores potential preventive measures.

  • 23 Dec 2024
  • Anthony Vespa

The Open-Source Trap: Unraveling Open-Source Threats in the Software Supply Chain

Research Paper

The risk to the software supply chain is increasingly clear, as breaches like SolarWinds, Equifax,...

  • 5 Dec 2024
  • Clayton Boozell

Hook, Line, and Sinker: The Best Free Tools to Catch Phishing

Research Paper

Phishing has become a widespread threat that organizations and IT security teams face daily. As...

  • 5 Dec 2024
  • Corrina Taylor

SANS 2024 State of ICS/OT Cybersecurity

Research Paper

This white paper, SANS Certified Instructor Jason Christopher explores the growing trends in cyber...

  • 9 Oct 2024
  • SANS Institute

Shining a Light on AI: Ensuring Vendor Transparency in Data Sourcing and Delivery

Research Paper

Amidst the proliferation of AI solutions, the focus lies in evaluating transparency, undisclosed...

  • 29 Jan 2024
  • Brian P. Mohr

Really, How Bad Do Routers Have It?

Research Paper

In recent years, the United States government has warned the public that state-sponsored cyber...

  • 22 Feb 2023
  • Jesse Schibilia

Inoculating the Masses: Evaluating Cybersecurity Awareness Training

Research Paper

Like a disease, cybercrime is spreading across the world. The sums of money lost to these criminals...

  • 22 Sep 2022
  • Shay Christensen

Expired Domain Dumpster Diving

Research Paper

Every day 200,000 domains expire ("DomCop FAQ," n.d.), become available for purchase and possible...

  • 1 Sep 2021
  • Christopher DeWeese

Information Security Starts with the Employees

Research Paper

Organizations continue to spend exorbitant budgets to combat the issue of insider threat with one...

  • 8 Jul 2021
  • Simone Genna

A Swipe and a Tap: Does Marketing Easier 2FA Increase Adoption?

Research Paper

Data breaches and Internet-enabled fraud remain a costly and troubling issue for businesses and home...

  • 19 Nov 2018
  • Preston Ackerman

Online Safety in a Foreign Language - Connecting with Teens

Research Paper

The inescapable dangers of our increasingly connected world are likely most threatening to our young...

  • 16 Oct 2017
  • Chris Elgee

Complement a Vulnerability Management Program with PowerShell

Research Paper

A vulnerability management program is a critical task that all organizations should be running. Part...

  • 10 Aug 2017
  • Colm Kennedy

Hacking the CAN Bus: Basic Manipulation of a Modern Automobile Through CAN Bus Reverse Engineering

Research Paper

The modern automobile is an increasingly complex network of computer systems. Cars are no longer...

  • 20 Jun 2017
  • Roderick Currie