ThreatSim Smishing and USB Simulations

Assess Your Susceptibility to SMS/Text Phishing and USB Drops

ThreatSim Smishing and USB Simulations

Assess Your Susceptibility to SMS/Text Phishing and USB Drops

Our ThreatSim® Smishing and USB Simulations* can help you gauge your employees’ understanding of the dangers associated with SMS/text phishing (smishing) and USB-based attacks. These unique assessments can protect your corporate systems from malware, spyware, and other dangerous software. Our mock attacks help you establish a baseline measurement of how vulnerable your organization could be to these dangerous and pervasive social engineering threats. ThreatSim USB and Smishing Simulations utilize a scientifically proven methodology to collect this data, which allows you to plan and focus your future efforts.

*Currently available in the US only.

Request a Demo


Teach Employees to Avoid Real-World Attacks

Any employee who falls for a simulated smishing attack or USB drop is automatically presented with a Teachable Moment, which explains the situation and provides practical guidance and tips. Pairing simulated attacks with just-in-time teaching is an excellent forerunner to our interactive training modules because it motivates and engages your employees.

About our Training Modules

Change Behavior with Our Continuous Training Methodology

Simulated attacks are most effective when paired with interactive education and incorporated as part of an ongoing security awareness training program. Our Continuous Training Methodology maximizes learning and lengthens retention, driving measurable behavior change. Customers who have applied this approach have seen up to a 90% reduction in successful phishing attacks and malware infections.

About our Methodology


ThreatSim Smishing Simulations: Mitigate Risks on Mobile Devices

usb drop simulations

Extend Security Awareness Beyond Email

Safely expose your end users to smishing techniques and gauge vulnerabilities by sending customizable text messages directly to your employees’ mobile phones. These exercises are ideal for testing users on corporate-issued devices, but can also be employed in BYOD (Bring Your Own Device) organizations with employees who opt into receiving corporate messages.

usb drop simulations

Increase Employee Receptivity to Training

Smishing simulations can set the stage and make employees more receptive to in-depth training about social engineering attacks and mobile device security. Our experience has shown that employees who fall for a mock attack are more motivated to complete follow-up training.


ThreatSim USB Simulations: Mitigate Risks from Infected Media Drives

Alt Text

Test Employees' Susceptibility to Infected Media Devices

ThreatSim USB Simulations allow you to introduce employees to the concept of infected removable memory devices and to test their vulnerability to this pervasive and dangerous threat vector. Mock USB drops are important exercises given the continued expansion of the Internet of Things (IoT) and connected devices.

Alt Text

Get Employees Thinking About Best Practices with USB Devices

Simulated USB drops set the stage and make employees more receptive to in-depth training about social engineering attacks and data protection. In addition, simulated attacks get employees thinking (and talking) about best practices and how to respond to future, real-world incidents.

ThreatSim USB and SMS Simulations: Key Benefits and Features

Customizable Tools

ThreatSim Smishing and USB Simulations allow organizations to quickly and easily create tests that mimic threats seen in the wild and within their own networks.

For smishing simulations, you can choose from multiple customizable text messages that can be sent directly to your employees’ mobile phones.

For USB drops, our cloud-based interface allows you to easily create a custom executable file with a brief training message embedded in the file. The file is then loaded onto USB devices that can be randomly placed throughout your organization — just waiting to be plugged in.

Teachable Moments

Employees who fall for a simulated smishing or USB attack are automatically presented with a unique Teachable Moment. This “just-in-time” teaching approach is a great way to set the stage for future in-depth training, as these informative messages motivate employees to learn best practices and exhibit safe behaviors.

The customizable, 15- to 30-second Teachable Moments alert employees about the mock attack, explain the dangers associated with real attacks, and give practical advice and tips they can use to avoid future traps. You can select from three different teaching methods:

  • Single-panel comic strip
  • Multi-panel illustration (USB simulations only)
  • Customizable landing page

If you don’t wish to use Wombat Teachable Moments, ThreatSim Smishing Simulation administrators have the option to route users to internal messaging or training products.

Valuable Business Intelligence

Our ThreatSim Smishing and USB Simulations can help you determine a baseline vulnerability level and gauge progress over time. Our powerful business intelligence tools give you visibility into the following:

  • Users who fell for a simulated smishing attack, and those who viewed or clicked the message
  • The number of USB devices that were accessed and the IP addresses of the users who fell for the simulated USB drop
  • The number of unique responses per USB device planted in your location

Learn More

Protect Your Organization from Threats with Our Beyond the Phish™ Report

I believe that a product this effective needs to be communicated to others. There are many choices out there, but Wombat has been the most responsive to our needs and they continuously improve their product.

CIO | Manufacturing

Wombat was able to get us up and running from engagement to execution in under a month which enabled the Security & Risk team to meet our objectives and report on status to our Executive Team. The solution is very easy to use and improves in every release.

Sr. Manager of Security and Compliance | Services Industry

Wombat was very receptive and open to working with our organisation, we were initially given a brief introduction on the solution which gave us further insight on implementing our security awareness program. We have been able to assess our security posture with help from Wombat and have adopted the wombat continuous training methodology. The integration process was seamless. ThreatSim is also a very great feature.

Service Center Specialist | Finance Industry