Your Company - Linkedin 2014

Issued to: secadmin@yourcompany.com

Report date: 2014-04-16

Your Company - Linkedin 2014 2014-04-16

Table of Contents

Overview 3

Summary 3

Findings 4

User Activities 5

Over time 5

Activity bands 5

Activity following campaign launch 6

Browser data 7

Browsers, platform and plugins distributions 7

Vulnerable browsers and plugins 9

Comparing vulnerable and safe users 11

Appendices 13

User lists 13

Opened Mail Users 13

Remote Images Enabled Users 14

Clicked Link Users 14

Credentials Submitted Users 15

Vulnerable Users 16

Repeat Offenders 16

Per User Reports 18

Your Company - Linkedin 2014 2014-04-16

3 of 32

Overview

This is an automatically generated report for the Phish5 campaign "Your Company - Linkedin

2014" using live data. The report begins with a summary of the campaign, then provides

descriptive graphs and statistics related to the campaign. In the appendices are listed full

records for all users affected by the campaign.

Summary

Name: Your Company - Linkedin 2014

Description: Your Company - Linkedin campaign

ID: 764

x

Report date: 2014-04-16 12:00

Campaign created: 2014-03-19 15:36

Campaign ends: 2014-03-28 13:15

Mailing started: 2014-03-19 15:59

Mailing ended: 2014-03-19 16:00

x

Options

Include in aggregate stats: Yes

Browser security: Yes

Notify mailbox: secadmin@yourcompany.com

Notify on: open post

x

State

Campaign state: Ended

Targets: 108

Mails sent: 108

Phishing website

URL: linkedin.com.server-a.net

Landing page: Yes

Auth page: Yes

Your Company - Linkedin 2014 2014-04-16

4 of 32

Findings

39 users opened the mail (36.1%)

17 users had enabled remote loading in their clients (15.7%)

32 users browser the phishing page (29.6%)

13 users gave away credentials (12.0%)

2 users had been previously phished (1.9%)

1. The number of mails opened exceeds the Phish5 average across all customers by 6.1%.

This campaign's targets had a response of 36.1% and the average is 30.0%.

2. The number of phishing links clicked exceeds the Phish5 average across all customers by

8.6%. This campaign's targets had a response of 29.6% and the average is 21.0%.

3. The number of credentials posted is much higher than the Phish5 average, 6.0% more than

the average. This campaign's targets had a response of 12.0% and the average is 6.0%.

4. 17 users had remote images enabled, which lets phishers or other scammers detect when

emails have been opened. Consider disabling remote image loads across your

organisation's mail clients.

5. 32 users clicked on links and browsed the site. Merely browsing the site opens the user up

to potential drive-by attacks, and there were targets in this campaign that had vulnerable

browsers or plugins.

6. 13 users provided credentials. This is concerning since even a single set of credentials can

provide a foothold that is widened to further access.

7. 24 users were vulnerable to browser or plugins issues. This is concerning since even a

single compromised browser can provide a foothold that is widened to further access.

Vulnerable browsers and plugins should be subjected to mandatory automatic updates.

8. 2 users had been previously phished.

9. The first phished credentials were collected 8m after the campaign launch.

Your Company - Linkedin 2014 2014-04-16

5 of 32

User Activities

Each campaign is centered on a target list of potential victims. Once the campaign is

launched, we record each activity by every victims.

Over time

This graph shows user activity over the lifespan of the campaign and helps determine what

happened at each point in time that the campaign was running. All activities are shown, even

repeated events. It is very typical to see a flurry of activity early in the campaign, and as time

goes on the counts' rate of increase slows.

User Activities

Activity bands

This table shows the time taken for a given percentage of users to have performed an activity

since the start of the campaign (the 'First' column shows the time to the very first recorded

instance of that activity.)

First 20% 40% 60% 80% 100%

Remotes 5m Never Never Never Never Never

Clicks 69s 43.5hr Never Never Never Never

Posts 8m Never Never Never Never Never

Your Company - Linkedin 2014 2014-04-16

6 of 32

Activity following campaign launch

These two graphs shows three types of user actions recorded over the first 24 hours of the

campaign, and over the entire campaign. Only the first action per user is displayed, as

subsequent repeats by them don't significantly change their risk profile. Time 0 is when the

campaign was launched.

Activity in First 24 Hours Activity in Entire Campaign

This graph shows when users were active each day, and indicates those times that users

appear to be most susceptible to attacks.

Time of Day Activity (UTC)

Your Company - Linkedin 2014 2014-04-16

7 of 32

Browser data

As users react to the phishing mails by opening the mails and visiting your phishing website,

we record information about their browsers.

Browsers, platform and plugins distributions

The graphs below show the breakdown of browser vendors and platforms amongst your

victims who visited the phishing site.

Browser Distribution

Platform Distribution

Your Company - Linkedin 2014 2014-04-16

8 of 32

The graph below shows the total split of plugins amongst all users.

Plugin Distribution

Your Company - Linkedin 2014 2014-04-16

9 of 32

Vulnerable browsers and plugins

Narrowing the data further, we come to vulnerable browsers and plugins.

The pie charts and tables below show how the population of users with vulnerable browsers and

plugins are made up.

Vulnerable Browser Distribution

Name Count Pct

Safari 7 58.3 %

Internet Explorer 4 33.3 %

Firefox 1 8.3 %

Total 12 100 %

Your Company - Linkedin 2014 2014-04-16

10 of 32

Vulnerable Plugin Distribution

Name Count Pct

Silverlight 16 42.1 %

AdobeReader 8 21.1 %

Java 6 15.8 %

Flash 3 7.9 %

Shockwave 2 5.3 %

VLC 2 5.3 %

WindowsMediaPlayer 1 2.6 %

Total 38 100 %

Your Company - Linkedin 2014 2014-04-16

11 of 32

Comparing vulnerable and safe users

The bar graphs below compare the vulnerable browser and plugin groups to their safe population

equivalents.

Browser Comparison Plugin Comparison

Your Company - Linkedin 2014 2014-04-16

12 of 32

Conclusion

This is an autmated report generated by secadmin@yourcompany.com for the Phish5

campaign "Your Company - Linkedin 2014".

If you have questions, comments or suggestions please contact humans@phish5.com.

Your Company - Linkedin 2014 2014-04-16

13 of 32

Appendices

User lists

Opened Mail Users

• user100@yourcompany.com

• user102@yourcompany.com

• user107@yourcompany.com

• user12@yourcompany.com

• user14@yourcompany.com

• user16@yourcompany.com

• user18@yourcompany.com

• user19@yourcompany.com

• user27@yourcompany.com

• user30@yourcompany.com

• user34@yourcompany.com

• user35@yourcompany.com

• user3@yourcompany.com

• user41@yourcompany.com

• user42@yourcompany.com

• user43@yourcompany.com

• user44@yourcompany.com

• user47@yourcompany.com

• user51@yourcompany.com

• user54@yourcompany.com

• user56@yourcompany.com

• user58@yourcompany.com

• user59@yourcompany.com

• user5@yourcompany.com

• user62@yourcompany.com

• user63@yourcompany.com

• user65@yourcompany.com

• user66@yourcompany.com

• user69@yourcompany.com

• user6@yourcompany.com

• user80@yourcompany.com

Your Company - Linkedin 2014 2014-04-16

14 of 32

• user83@yourcompany.com

• user86@yourcompany.com

• user87@yourcompany.com

• user89@yourcompany.com

• user90@yourcompany.com

• user94@yourcompany.com

• user95@yourcompany.com

• user9@yourcompany.com

Remote Images Enabled Users

• user100@yourcompany.com

• user12@yourcompany.com

• user18@yourcompany.com

• user19@yourcompany.com

• user27@yourcompany.com

• user3@yourcompany.com

• user43@yourcompany.com

• user44@yourcompany.com

• user47@yourcompany.com

• user56@yourcompany.com

• user59@yourcompany.com

• user63@yourcompany.com

• user69@yourcompany.com

• user6@yourcompany.com

• user83@yourcompany.com

• user90@yourcompany.com

• user95@yourcompany.com

Clicked Link Users

• user100@yourcompany.com

• user102@yourcompany.com

• user107@yourcompany.com

• user14@yourcompany.com

• user16@yourcompany.com

Your Company - Linkedin 2014 2014-04-16

15 of 32

• user18@yourcompany.com

• user27@yourcompany.com

• user30@yourcompany.com

• user34@yourcompany.com

• user35@yourcompany.com

• user3@yourcompany.com

• user41@yourcompany.com

• user42@yourcompany.com

• user43@yourcompany.com

• user51@yourcompany.com

• user54@yourcompany.com

• user56@yourcompany.com

• user58@yourcompany.com

• user5@yourcompany.com

• user62@yourcompany.com

• user63@yourcompany.com

• user65@yourcompany.com

• user66@yourcompany.com

• user6@yourcompany.com

• user80@yourcompany.com

• user86@yourcompany.com

• user87@yourcompany.com

• user89@yourcompany.com

• user90@yourcompany.com

• user94@yourcompany.com

• user95@yourcompany.com

• user9@yourcompany.com

Credentials Submitted Users

• user102@yourcompany.com

• user16@yourcompany.com

• user18@yourcompany.com

• user34@yourcompany.com

• user51@yourcompany.com

• user58@yourcompany.com

Your Company - Linkedin 2014 2014-04-16

16 of 32

• user5@yourcompany.com

• user62@yourcompany.com

• user63@yourcompany.com

• user87@yourcompany.com

• user94@yourcompany.com

• user95@yourcompany.com

• user9@yourcompany.com

Vulnerable Users

• user3@yourcompany.com

• user6@yourcompany.com

• user9@yourcompany.com

• user14@yourcompany.com

• user16@yourcompany.com

• user18@yourcompany.com

• user30@yourcompany.com

• user34@yourcompany.com

• user42@yourcompany.com

• user43@yourcompany.com

• user51@yourcompany.com

• user54@yourcompany.com

• user58@yourcompany.com

• user62@yourcompany.com

• user63@yourcompany.com

• user65@yourcompany.com

• user66@yourcompany.com

• user80@yourcompany.com

• user87@yourcompany.com

• user90@yourcompany.com

• user95@yourcompany.com

• user100@yourcompany.com

• user102@yourcompany.com

• user107@yourcompany.com

Repeat Offenders

Your Company - Linkedin 2014 2014-04-16

17 of 32

• user18@yourcompany.com

• user58@yourcompany.com

Your Company - Linkedin 2014 2014-04-16

18 of 32

Per User Reports

user1@yourcompany.com

No records for user.

user2@yourcompany.com

No records for user.

user3@yourcompany.com

Actions:

• Remote Images: 1 (Last at 2014-03-19 15:41:59)

• Clicks: 2 (Last at 2014-03-22 15:22:52)

Client side technology:

• Safari 7.0.0.0 (Version detected is vulnerable.)

• Javascript (Javascript was enabled.)

user4@yourcompany.com

No records for user.

user5@yourcompany.com

Actions:

• Clicks: 1 (Last at 2014-03-19 15:41:47)

• Credentials: 1 (Last at 2014-03-19 15:41:56)

user6@yourcompany.com

Actions:

• Remote Images: 4 (Last at 2014-03-20 12:59:10)

• Clicks: 2 (Last at 2014-03-20 12:59:20)

Client side technology:

• Javascript (Javascript was enabled.)

• Safari 7.0.0.0 (Version detected is vulnerable.)

user7@yourcompany.com

No records for user.

user8@yourcompany.com

No records for user.

user9@yourcompany.com

Actions:

Your Company - Linkedin 2014 2014-04-16

19 of 32

• Clicks: 2 (Last at 2014-03-19 15:53:23)

• Credentials: 1 (Last at 2014-03-19 15:53:18)

Client side technology:

• Javascript (Javascript was enabled.)

• Flash 12.0.0.77 (Version detected does not have known vulnerabilities.)

• Chrome 33.0.1750.154 (Version detected does not have known vulnerabilities.)

• AdobeReader 11.0.3 (Version detected is vulnerable.)

• VLC 2.0.6.0 (Version detected is vulnerable.)

• Silverlight 5.1.10411.0 (Version detected is vulnerable.)

• Java 1.7.0.25 (Version detected is vulnerable.)

user10@yourcompany.com

No records for user.

user11@yourcompany.com

No records for user.

user12@yourcompany.com

Actions:

• Remote Images: 1 (Last at 2014-03-19 22:09:41)

user13@yourcompany.com

No records for user.

user14@yourcompany.com

Actions:

• Clicks: 1 (Last at 2014-03-19 16:28:37)

Client side technology:

• VBScript (VBScript was enabled.)

• Javascript (Javascript was enabled.)

• ActiveX (ActiveX was enabled, without filtering.)

• WindowsMediaPlayer 12.0.7601.18150 (Version detected does not have known vulnerabilities.)

• Silverlight 5.1.10411.0 (Version detected is vulnerable.)

• AdobeReader 11.?.? (Could not determine whether the version was vulnerable.)

• IE 10.0.9200.16798 (Version detected does not have known vulnerabilities.)

user15@yourcompany.com

No records for user.

user16@yourcompany.com

Your Company - Linkedin 2014 2014-04-16

20 of 32

Actions:

• Clicks: 1 (Last at 2014-03-20 14:33:06)

• Credentials: 1 (Last at 2014-03-20 14:33:21)

Client side technology:

• Javascript (Javascript was enabled.)

• AdobeReader 10.1.9 (Version detected does not have known vulnerabilities.)

• Silverlight 5.1.20513.0 (Version detected is vulnerable.)

• Flash 12.0.0.77 (Version detected does not have known vulnerabilities.)

• Java 1.7.0.51 (Version detected does not have known vulnerabilities.)

• Chrome 33.0.1750.154 (Version detected does not have known vulnerabilities.)

user17@yourcompany.com

No records for user.

user18@yourcompany.com

Actions:

• Remote Images: 1 (Last at 2014-03-25 12:50:20)

• Clicks: 2 (Last at 2014-03-20 10:34:35)

• Credentials: 3 (Last at 2014-03-20 10:34:40)

Client side technology:

• Javascript (Javascript was enabled.)

• AdobeReader 11.0.3 (Version detected is vulnerable.)

• QuickTime 7.7.5 (Version detected does not have known vulnerabilities.)

• Flash 12.0.0.77 (Version detected does not have known vulnerabilities.)

• Silverlight 5.1.20913.0 (Version detected does not have known vulnerabilities.)

• Chrome 33.0.1750.154 (Version detected does not have known vulnerabilities.)

user19@yourcompany.com

Actions:

• Remote Images: 2 (Last at 2014-03-21 11:19:25)

user20@yourcompany.com

No records for user.

user21@yourcompany.com

No records for user.

user22@yourcompany.com

No records for user.

Your Company - Linkedin 2014 2014-04-16

21 of 32

user23@yourcompany.com

No records for user.

user24@yourcompany.com

No records for user.

user25@yourcompany.com

No records for user.

user26@yourcompany.com

No records for user.

user27@yourcompany.com

Actions:

• Remote Images: 1 (Last at 2014-03-21 08:18:00)

• Clicks: 3 (Last at 2014-03-21 09:24:26)

user28@yourcompany.com

No records for user.

user29@yourcompany.com

No records for user.

user30@yourcompany.com

Actions:

• Clicks: 2 (Last at 2014-03-19 15:51:06)

Client side technology:

• VBScript (VBScript was enabled.)

• Silverlight 5.1.10411.0 (Version detected is vulnerable.)

• AdobeReader 11.?.? (Could not determine whether the version was vulnerable.)

• ActiveX (ActiveX was enabled, without filtering.)

• WindowsMediaPlayer 12.0.7601.18150 (Version detected does not have known vulnerabilities.)

• IE 10.0.9200.16798 (Version detected does not have known vulnerabilities.)

• Flash 12.0.0.77 (Version detected does not have known vulnerabilities.)

• Javascript (Javascript was enabled.)

• Java 1.7.0.25 (Version detected is vulnerable.)

user31@yourcompany.com

No records for user.

user32@yourcompany.com

Your Company - Linkedin 2014 2014-04-16

22 of 32

No records for user.

user33@yourcompany.com

No records for user.

user34@yourcompany.com

Actions:

• Clicks: 4 (Last at 2014-03-20 16:09:20)

• Credentials: 2 (Last at 2014-03-19 23:16:12)

Client side technology:

• Javascript (Javascript was enabled.)

• Chrome 33.0.1750.154 (Version detected does not have known vulnerabilities.)

• Silverlight 5.1.20513.0 (Version detected is vulnerable.)

• AdobeReader 11.0.3 (Version detected is vulnerable.)

• Flash 12.0.0.77 (Version detected does not have known vulnerabilities.)

• VLC 2.1.3.0 (Version detected does not have known vulnerabilities.)

• Java 1.7.0.51 (Version detected does not have known vulnerabilities.)

• Chrome 33.0.1750.166 (Version detected does not have known vulnerabilities.)

• Javascript (Javascript was enabled.)

user35@yourcompany.com

Actions:

• Clicks: 1 (Last at 2014-03-19 15:52:54)

user36@yourcompany.com

No records for user.

user37@yourcompany.com

No records for user.

user38@yourcompany.com

No records for user.

user39@yourcompany.com

No records for user.

user40@yourcompany.com

No records for user.

user41@yourcompany.com

Actions:

Your Company - Linkedin 2014 2014-04-16

23 of 32

• Clicks: 2 (Last at 2014-03-21 11:26:01)

user42@yourcompany.com

Actions:

• Clicks: 1 (Last at 2014-03-19 16:14:55)

Client side technology:

• VBScript (VBScript was enabled.)

• Flash 12.0.0.77 (Version detected does not have known vulnerabilities.)

• Javascript (Javascript was enabled.)

• ActiveX (ActiveX was enabled, without filtering.)

• Silverlight 5.1.20513.0 (Version detected is vulnerable.)

• WindowsMediaPlayer 12.0.7601.18150 (Version detected does not have known vulnerabilities.)

• IE 10.0.9200.16798 (Version detected does not have known vulnerabilities.)

• AdobeReader 11.?.? (Could not determine whether the version was vulnerable.)

user43@yourcompany.com

Actions:

• Remote Images: 1 (Last at 2014-03-19 15:43:40)

• Clicks: 1 (Last at 2014-03-19 15:44:02)

Client side technology:

• Safari 7.0.0.0 (Version detected is vulnerable.)

• Javascript (Javascript was enabled.)

user44@yourcompany.com

Actions:

• Remote Images: 1 (Last at 2014-03-19 15:42:50)

user45@yourcompany.com

No records for user.

user46@yourcompany.com

No records for user.

user47@yourcompany.com

Actions:

• Remote Images: 3 (Last at 2014-03-20 15:53:57)

user48@yourcompany.com

No records for user.

Your Company - Linkedin 2014 2014-04-16

24 of 32

user49@yourcompany.com

No records for user.

user50@yourcompany.com

No records for user.

user51@yourcompany.com

Actions:

• Clicks: 20 (Last at 2014-03-19 19:14:13)

• Credentials: 3 (Last at 2014-03-19 19:12:56)

Client side technology:

• VBScript (VBScript was enabled.)

• Javascript (Javascript was enabled.)

• ActiveX (ActiveX was enabled, without filtering.)

• QuickTime 7.7.4 (Version detected does not have known vulnerabilities.)

• Silverlight 5.1.20513.0 (Version detected is vulnerable.)

• IE 10.0.9200.16798 (Version detected does not have known vulnerabilities.)

• Flash 12.0.0.77 (Version detected does not have known vulnerabilities.)

• Shockwave 11.6.8.638 (Version detected is vulnerable.)

• WindowsMediaPlayer 12.0.7601.18150 (Version detected does not have known vulnerabilities.)

• AdobeReader 11.?.? (Could not determine whether the version was vulnerable.)

• Java 1.7.0.51 (Version detected does not have known vulnerabilities.)

• Javascript (Javascript was enabled.)

• Flash 12.0.0.77 (Version detected does not have known vulnerabilities.)

• QuickTime 7.7.4 (Version detected does not have known vulnerabilities.)

• Shockwave 11.6.8.638 (Version detected is vulnerable.)

• Silverlight 5.1.20513.0 (Version detected is vulnerable.)

• Chrome 33.0.1750.154 (Version detected does not have known vulnerabilities.)

• AdobeReader 11.0.6 (Version detected does not have known vulnerabilities.)

• Java 1.7.0.25 (Version detected is vulnerable.)

• VBScript (VBScript was enabled.)

• IE 7.0.5730.13 (No safe or vulnerable version numbers matched)

• Javascript (Javascript was enabled.)

• ActiveX (ActiveX was enabled, without filtering.)

• Flash 11.7.700.224 (Version detected is vulnerable.)

• Silverlight 5.1.30214.0 (Version detected does not have known vulnerabilities.)

• WindowsMediaPlayer 11.0.5721.5280 (Version detected is vulnerable.)

• AdobeReader 10.1.0 (Version detected is vulnerable.)

Your Company - Linkedin 2014 2014-04-16

25 of 32

• Java 1.7.0.51 (Version detected does not have known vulnerabilities.)

user52@yourcompany.com

No records for user.

user53@yourcompany.com

No records for user.

user54@yourcompany.com

Actions:

• Clicks: 1 (Last at 2014-03-19 15:46:14)

Client side technology:

• VBScript (VBScript was enabled.)

• Javascript (Javascript was enabled.)

• ActiveX (ActiveX was enabled, without filtering.)

• IE 9.0.8112.16421 (Version detected is vulnerable.)

• Flash 12.0.0.77 (Version detected does not have known vulnerabilities.)

• Silverlight 5.1.20513.0 (Version detected is vulnerable.)

• WindowsMediaPlayer 12.0.7601.18150 (Version detected does not have known vulnerabilities.)

• AdobeReader 11.?.? (Could not determine whether the version was vulnerable.)

user55@yourcompany.com

No records for user.

user56@yourcompany.com

Actions:

• Remote Images: 3 (Last at 2014-03-23 16:14:52)

• Clicks: 2 (Last at 2014-03-19 17:07:48)

Client side technology:

• safari 534.30 (Version detected does not have known vulnerabilities.)

• Javascript (Javascript was enabled.)

user57@yourcompany.com

No records for user.

user58@yourcompany.com

Actions:

• Clicks: 2 (Last at 2014-03-20 14:08:20)

• Credentials: 1 (Last at 2014-03-20 14:08:38)

Client side technology:

Your Company - Linkedin 2014 2014-04-16

26 of 32

• safari 534.30 (Version detected does not have known vulnerabilities.)

• Javascript (Javascript was enabled.)

• VBScript (VBScript was enabled.)

• WindowsMediaPlayer 12.0.7601.18150 (Version detected does not have known vulnerabilities.)

• ActiveX (ActiveX was enabled, without filtering.)

• Javascript (Javascript was enabled.)

• IE 9.0.8112.16421 (Version detected is vulnerable.)

• AdobeReader 11.?.? (Could not determine whether the version was vulnerable.)

• Silverlight 5.1.10411.0 (Version detected is vulnerable.)

• Java 1.7.0.25 (Version detected is vulnerable.)

user59@yourcompany.com

Actions:

• Remote Images: 1 (Last at 2014-03-19 19:37:15)

user60@yourcompany.com

No records for user.

user61@yourcompany.com

No records for user.

user62@yourcompany.com

Actions:

• Clicks: 2 (Last at 2014-03-21 11:30:27)

• Credentials: 1 (Last at 2014-03-21 11:30:18)

Client side technology:

• Javascript (Javascript was enabled.)

• Java 1.7.0.25 (Version detected is vulnerable.)

• Silverlight 5.1.10411.0 (Version detected is vulnerable.)

• Firefox 26.0 (Version detected is vulnerable.)

• PDFjs ? (PDFjs was enabled.)

• AdobeReader 11.0.3 (Version detected is vulnerable.)

user63@yourcompany.com

Actions:

• Remote Images: 7 (Last at 2014-03-20 19:55:43)

• Clicks: 13 (Last at 2014-03-20 19:55:59)

• Credentials: 6 (Last at 2014-03-20 19:04:52)

Client side technology:

Your Company - Linkedin 2014 2014-04-16

27 of 32

• Safari 7.0.0.0 (Version detected is vulnerable.)

• Javascript (Javascript was enabled.)

user64@yourcompany.com

No records for user.

user65@yourcompany.com

Actions:

• Clicks: 1 (Last at 2014-03-20 10:46:58)

Client side technology:

• Javascript (Javascript was enabled.)

• Java 1.7.0.51 (Version detected does not have known vulnerabilities.)

• Flash 12.0.0.77 (Version detected does not have known vulnerabilities.)

• QuickTime 7.7.5 (Version detected does not have known vulnerabilities.)

• Silverlight 5.1.20513.0 (Version detected is vulnerable.)

• Chrome 33.0.1750.154 (Version detected does not have known vulnerabilities.)

user66@yourcompany.com

Actions:

• Clicks: 1 (Last at 2014-03-19 15:45:25)

Client side technology:

• VBScript (VBScript was enabled.)

• Javascript (Javascript was enabled.)

• Flash 11.9.900.152 (Version detected is vulnerable.)

• IE 9.0.8112.16421 (Version detected is vulnerable.)

• WindowsMediaPlayer 12.0.7601.18150 (Version detected does not have known vulnerabilities.)

• ActiveX (ActiveX was enabled, without filtering.)

• Silverlight 5.1.10411.0 (Version detected is vulnerable.)

• AdobeReader 11.?.? (Could not determine whether the version was vulnerable.)

user67@yourcompany.com

No records for user.

user68@yourcompany.com

No records for user.

user69@yourcompany.com

Actions:

• Remote Images: 1 (Last at 2014-03-21 14:00:25)

Your Company - Linkedin 2014 2014-04-16

28 of 32

user70@yourcompany.com

No records for user.

user71@yourcompany.com

No records for user.

user72@yourcompany.com

No records for user.

user73@yourcompany.com

No records for user.

user74@yourcompany.com

No records for user.

user75@yourcompany.com

No records for user.

user76@yourcompany.com

No records for user.

user77@yourcompany.com

No records for user.

user78@yourcompany.com

No records for user.

user79@yourcompany.com

No records for user.

user80@yourcompany.com

Actions:

• Clicks: 2 (Last at 2014-03-19 20:09:36)

Client side technology:

• VBScript (VBScript was enabled.)

• IE 9.0.8112.16421 (Version detected is vulnerable.)

• Silverlight 5.1.20513.0 (Version detected is vulnerable.)

• Javascript (Javascript was enabled.)

• WindowsMediaPlayer 12.0.7601.18150 (Version detected does not have known vulnerabilities.)

• Flash 11.7.700.202 (Version detected is vulnerable.)

• ActiveX (ActiveX was enabled, without filtering.)

Your Company - Linkedin 2014 2014-04-16

29 of 32

• Java 1.7.0.51 (Version detected does not have known vulnerabilities.)

• AdobeReader 10.1.0 (Version detected is vulnerable.)

user81@yourcompany.com

No records for user.

user82@yourcompany.com

No records for user.

user83@yourcompany.com

Actions:

• Remote Images: 1 (Last at 2014-03-19 16:05:37)

user84@yourcompany.com

No records for user.

user85@yourcompany.com

No records for user.

user86@yourcompany.com

Actions:

• Clicks: 2 (Last at 2014-03-20 12:19:29)

Client side technology:

• VBScript (VBScript was enabled.)

user87@yourcompany.com

Actions:

• Clicks: 2 (Last at 2014-03-21 13:17:25)

• Credentials: 2 (Last at 2014-03-21 13:17:35)

Client side technology:

• Javascript (Javascript was enabled.)

• Chrome 33.0.1750.154 (Version detected does not have known vulnerabilities.)

• Flash 12.0.0.77 (Version detected does not have known vulnerabilities.)

• Java 1.7.0.51 (Version detected does not have known vulnerabilities.)

• Silverlight 5.1.10411.0 (Version detected is vulnerable.)

user88@yourcompany.com

No records for user.

user89@yourcompany.com

Actions:

Your Company - Linkedin 2014 2014-04-16

30 of 32

• Clicks: 7 (Last at 2014-03-20 06:20:23)

user90@yourcompany.com

Actions:

• Remote Images: 2 (Last at 2014-03-20 16:20:54)

• Clicks: 2 (Last at 2014-03-26 15:48:02)

Client side technology:

• Javascript (Javascript was enabled.)

• Safari 7.0.0.0 (Version detected is vulnerable.)

user91@yourcompany.com

No records for user.

user92@yourcompany.com

No records for user.

user93@yourcompany.com

No records for user.

user94@yourcompany.com

Actions:

• Clicks: 7 (Last at 2014-03-20 13:54:11)

• Credentials: 5 (Last at 2014-03-20 13:54:08)

Client side technology:

• Chrome 33.0.1750.154 (Version detected does not have known vulnerabilities.)

• Javascript (Javascript was enabled.)

• Silverlight 5.1.20913.0 (Version detected does not have known vulnerabilities.)

• Flash 12.0.0.77 (Version detected does not have known vulnerabilities.)

user95@yourcompany.com

Actions:

• Remote Images: 4 (Last at 2014-03-19 18:34:28)

• Clicks: 5 (Last at 2014-03-19 18:34:56)

• Credentials: 3 (Last at 2014-03-19 16:22:03)

Client side technology:

• Javascript (Javascript was enabled.)

• Safari 7.0.0.0 (Version detected is vulnerable.)

user96@yourcompany.com

No records for user.

Your Company - Linkedin 2014 2014-04-16

31 of 32

user97@yourcompany.com

No records for user.

user98@yourcompany.com

No records for user.

user99@yourcompany.com

No records for user.

user100@yourcompany.com

Actions:

• Remote Images: 2 (Last at 2014-03-19 17:12:20)

• Clicks: 1 (Last at 2014-03-19 15:51:12)

Client side technology:

• Javascript (Javascript was enabled.)

• Safari 7.0.0.0 (Version detected is vulnerable.)

user101@yourcompany.com

No records for user.

user102@yourcompany.com

Actions:

• Clicks: 1 (Last at 2014-03-19 16:00:54)

• Credentials: 1 (Last at 2014-03-19 16:09:51)

Client side technology:

• Javascript (Javascript was enabled.)

• Chrome 33.0.1750.154 (Version detected does not have known vulnerabilities.)

• Silverlight 5.1.20913.0 (Version detected does not have known vulnerabilities.)

• Flash 12.0.0.77 (Version detected does not have known vulnerabilities.)

• VLC 2.0.6.0 (Version detected is vulnerable.)

• Java 1.7.0.51 (Version detected does not have known vulnerabilities.)

• AdobeReader 11.0.3 (Version detected is vulnerable.)

user103@yourcompany.com

No records for user.

user104@yourcompany.com

No records for user.

user105@yourcompany.com

Your Company - Linkedin 2014 2014-04-16

32 of 32

No records for user.

user106@yourcompany.com

No records for user.

user107@yourcompany.com

Actions:

• Clicks: 2 (Last at 2014-03-31 13:50:43)

Client side technology:

• Javascript (Javascript was enabled.)

• Chrome 33.0.1750.154 (Version detected does not have known vulnerabilities.)

• Flash 12.0.0.77 (Version detected does not have known vulnerabilities.)

• Java 1.7.0.25 (Version detected is vulnerable.)

• AdobeReader 11.0.3 (Version detected is vulnerable.)

• Silverlight 5.1.20125.0 (Version detected is vulnerable.)

user108@yourcompany.com

No records for user.