Forum Discussion
CzkLTPR
Apr 03, 2024Copper Contributor
Attack simulation training, Credential Harvest - flag real login credentials
Hello,
Is it possible in Attack simulation training, Credential Harvest to flag users who have entered their real login details in the login screen ?
Unfortunately, currently the user is marked as "Compromised" for both - false credentials and real credentials.
I have not found any information to highlight the entry of true login credentials.
- No, that's not possible. And it shouldn't be possible. Every user that gotten thus far needs to be flagged 🙂
- ExMSW4319Steel ContributorI have known users who were suspicious and deliberately typed wrong credentials to see what would happen. Of course, that is not a good idea if the intention is a malware drop rather than a credential phish, and they are also assuming that they can distinguish between a genuine "wrong password" response and a phishing engine that composes an excuse or simply does not respond once the data is stolen.