Numerous attack techniques(from phishing to dumpster diving) might result in a credential leak, which can be extremely costly as demonstrated in our report IResponse to IEncrypt.
Infection Monkey can help assess the impact of stolen credentials by automatically searching where these credentials can be reused.
To simulate the damage from a successful phishing attack using the Infection Monkey, choose machines in your network from potentially problematic group of machines, such as the laptop of one of your heavy email users or one of your strong IT users (think of people who are more likely to correspond with people outside of your organization). Execute the Monkey on chosen machines by clicking on “1. Run Monkey” from the left sidebar menu and choosing “Run on machine of your choice”.
To assess the impact of leaked credentials see Security report. It’s possible, that credential leak resulted in even more leaked credentials, for that look into Security report -> Stolen credentials.