What we do

After we send our phishing emails to your employees, we track who opened, clicked and then entered their credentials into our fake web pages. We are then able to present you with statistics, broken down by company department, location, or any other metric you’d like.

Preparation is key to giving you accurate results and making the simulation as realistic as possible. To create authentic and believable scenarios, we couple this Phishing Simulation with our Online Exposure Assessment.

We go through the actions of an attacker to set up a believable email phishing campaign, including:

  • Registering domain names similar to your company name and sending emails using that domain.
  • Carefully constructing emails (either HTML or plaintext format), using a credible scenario that entices recipients to open and click on the embedded link
  • Analysing the results to create revealing statistics (e.g. number of emails opened; how many users clicked the link; how many of those users entered credentials).

Results from the phishing simulation can then be grouped into your departments, showing you any particular teams that are prone to introducing risk into the business and may require Staff Security Awareness Training.


More articles

The latest from the security bureau

We are now Informer

It’s been a busy start to 2020. Behind the scenes, we’ve been enhancing our SaaS platform, rebuilding our website and rebranding to Informer. Since 2014, The Security Bureau has helped our customers identify vulnerabilities in their systems and applications with our penetration testing services. As the security landscape has changed, we’re now taking a SaaS […]

Why financial services need penetration testing in 2020

It’s that time of year again, where we try to shed the festive pounds and look to the year ahead. 2020 promises to be an interesting time for cybersecurity in financial services. Not least because of Brexit and the US presidential election. Here’s our essential cybersecurity in 2020 lowdown.