What is it?
This service simulates a phishing attack on your employees using realistic, tailored scenarios – from mass campaigns to spear phishing. It’s designed to show how exposed you are to human error and how well your existing training and defences hold up.
How it works
You’ll define:
- The attack type (e.g. fake supplier invoice, MFA prompt, shared doc link)
- Which employees or departments to target
- What success metrics matter to you (e.g. clicks, data submitted, responses)
We’ll handle the rest:
- Designing the emails
- Registering realistic domains
- Creating phishing landing pages
- Managing the entire campaign from start to finish
Download the full service description
What you’ll get
A detailed, easy-to-read report that includes:
- Executive summary: A high-level overview of what happened, what it means and what to do next.
- Campaign breakdown: When the attack ran, what was tested, and who was targeted.
- Phishing template analysis: What the fake email looked like, how realistic it was and how users could’ve spotted it.
- Results and risk score: Who clicked, who submitted data and how your departments compare. Includes consultant commentary and suggested fixes.
Who is this for?
This service is ideal for:
- Organisations running or reviewing phishing training
- Teams preparing for audits or ISO 27001 certification
- Security leaders who need clear evidence of user risk
- Anyone unsure how staff would handle a real attack
You can test up to 1,200 employees with one phishing template. Want to go further with multiple attack types or a staged campaign? Get in touch for a custom quote.
Next steps
- Talk to an expert to get a quote and plan your phishing simulation.
- Screenshots of example emails and landing pages available on request.
- Delivery timeframe: Simulations can typically be launched within two to three weeks.
