Phishing and appropriate protection against it

This master´s thesis deals with the problematics of phishing. This topic, related to the cybernetic security, has been discussed over and over for decades. As the digitization of working environment has become essential in the last years, and mainly, in the last months because of the Covid-19 pandemic, we hear about the issue of phishing more and more often. Phishing is a type of social engineering attacks. These attacks are accomplished through manipulation and deception of human factor in order to break security practices and to obtain sensitive information. The introductory part has been compiled by research and synthesis of information. It provides a general insight into the problematics and describes its history, principles, specifics, methods of defence and legislative enshrinement. The main goal of the thesis is in solving a practical problem of a medium-sized company, which sees the fragility of the digital security and mainly of its most vulnerable part – the user. The accomplishment of the main goal is preceded by the following intermediate steps; preparation of internal phishing campaigns, their subsequent assessment, interpretation of acquired data and following measures. The secondary goal is to propose security suggestions for the company users. The conclusion of the thesis provides further development of the security measures and an outlook for the future phishing problematics. The outcome of the thesis presents the basis of the cybernetic security problematics in the context of social engineering oriented on phishing. It also offers a summary of a particular project of an intern phishing company campaign. The thesis can be used as a current overview of the problematics. Moreover, it can serve as an inspiration for the phishing company campaigns that is an element of the preventive fight against phishing attacks and an educational training of the employees in an effort to protect the society from the digital criminals.