Forum Discussion

CzkLTPR's avatar
CzkLTPR
Copper Contributor
Apr 03, 2024

Attack simulation training, Credential Harvest - flag real login credentials

Hello,
Is it possible in Attack simulation training, Credential Harvest to flag users who have entered their real login details in the login screen ?

Unfortunately, currently the user is marked as "Compromised" for both - false credentials and real credentials.
I have not found any information to highlight the entry of true login credentials.

  • No, that's not possible. And it shouldn't be possible. Every user that gotten thus far needs to be flagged 🙂
  • ExMSW4319's avatar
    ExMSW4319
    Steel Contributor
    I have known users who were suspicious and deliberately typed wrong credentials to see what would happen. Of course, that is not a good idea if the intention is a malware drop rather than a credential phish, and they are also assuming that they can distinguish between a genuine "wrong password" response and a phishing engine that composes an excuse or simply does not respond once the data is stolen.

Resources