Simulate the most sophisticated attacks

Prepare your employees for the phishing tactics hackers find most effective.

Phishing attack types

Prepare employees for every phishing tactic and deliver training to phished learners based on the attack type they click.

  • Drive-by

    See if your employees take the bait from drive-by attacks built to draw interest, create a sense of urgency and generate a click.

  • Data entry

    Redirect clicks to a spoofed landing page to see if employees enter login credentials or sensitive information.

  • Business email compromise (BEC)

    Send targeted phishing emails and enable reply tracking to replicate BEC attacks and detect data patterns shared in replies.

  • Spearphishing

    Use dynamic variables to include employee name, manager, company information, location and more to simulate targeted attacks.

  • Malware & malicious attachments

    Include attachments and potentially dangerous file types such as .EXE and .DOCM to teach employees the dangers of attachments and malware.

  • USB

    Load Microsoft Word and Excel macro files on your USB drives and record all employee interaction with planted drives.

Phishy Domains & spoofing

Teach your employees the importance of domain verification on every email. Send simulated phishing emails from our library of Phishy Domains™ or add your own to typosquat domains familiar to your employees.

Replicate common domain spoofing techniques with our pre-built landing pages or add custom spoofed domains to provide an additional challenge for employees.

Email reply tracking

Enable reply tracking to learn each employee’s susceptibility to credential phishing and social engineering attacks and deliver training accordingly.

PhishSim reply tracking can report whether an employee replied, detect patterns such as credit card, bank account and Social Security numbers or store the entire reply for up to 14 days.