This Simulated Phishing Attack will establish whether your employees are vulnerable to phishing emails, enabling you to take immediate remedial action to improve your cyber security posture.
This test simulates a real-world phishing attack on up to 1,200 of your employees. Book your test today.
This service assesses your staff’s awareness of phishing threats by simulating phishing emails that can range from unsophisticated to a highly targeted campaign. We will capture a wide range of statistics to help evaluate your employees’ awareness. These will be detailed in a report that also identifies business and technical risk, and advises on how to improve staff awareness.
Entirely bespoke to your needs, this test will allow you to define:
We will design and build the attack based on your requirements. This usually involves setting up a domain from which to send the phishing email, which may be designed to closely resemble one of your own domains, developing a template to mimic your organisation’s email templates or those of trusted suppliers, building web pages for phishing emails to direct to, and so on.
Download the full service description
At the end of the test, you will receive a comprehensive report broken down into:
High-level, non-technical summary of your business’s risks.
When the assessment was performed, the type of assessment, the scope of the assessment and the assessment objectives.
Details of the template and landing page used, how it was designed and how users could identify that it was a phishing campaign.
Overview, consultant’s commentary and detailed breakdown of the results, including the number of users who submitted data to the phishing campaign and your overall risk score. This can also be broken down by department and compared against other results.
Download the full service description
This service is suitable for organisations that want to understand their staff’s awareness levels or test the effectiveness of their phishing training programme.
The test simulates a real-world phishing attack on up to 1,200 of your employees, using one phishing template. Price will depend on the number of users targeted.
For a more tailored attack, which could involve multiple attacks/templates and building trusted relationships with users, please contact us for a custom quote.
Identify and understand your employees’ susceptibility to phishing attacks and the business impacts this presents. Quickly find out if there is an internal awareness problem and determine subsequent staff awareness training – an effective way to change end-user behaviour.
Demonstrate a strong security posture to clients by providing third-party assurances.
From the detailed report, you will be able to implement secure measures, thereby reducing the likelihood of a security breach while protecting your brand.
Supports compliance with ISO 27001, the UK DPA (Data Protection Act) 2018 and the GDPR (General Data Protection Regulation), the PCI DSS (Payment Card Industry Data Security Standard), and other laws, regulations and contractual obligations.
Our expert consultant will provide you with updates throughout the project from both technical and non-technical perspectives.
Our established UK penetration testing team has amassed extensive testing experience that ensures clients receive a comprehensive service.