What we do

After we send our phishing emails to your employees, we track who opened, clicked and then entered their credentials into our fake web pages. We are then able to present you with statistics, broken down by company department, location, or any other metric you’d like.

Preparation is key to giving you accurate results and making the simulation as realistic as possible. To create authentic and believable scenarios, we couple this Phishing Simulation with our Online Exposure Assessment.

We go through the actions of an attacker to set up a believable email phishing campaign, including:

  • Registering domain names similar to your company name and sending emails using that domain.
  • Carefully constructing emails (either HTML or plaintext format), using a credible scenario that entices recipients to open and click on the embedded link
  • Analysing the results to create revealing statistics (e.g. number of emails opened; how many users clicked the link; how many of those users entered credentials).

Results from the phishing simulation can then be grouped into your departments, showing you any particular teams that are prone to introducing risk into the business and may require Staff Security Awareness Training.


More articles

The latest from the security bureau