The ThreatSim phishing tool supports thousands of templates across more than 35 languages. Our variety of templates address three key testing factors: embedded links, requests for personal data, and attachment downloads (.pdf, .doc, .docx, .xlsx, and .html). Average failure rates calculated from assessments sent by all customers for each template are visible within the phishing tool, which allows administrators to gauge difficulty prior to campaign creation.
Using real, “in-the-wild,” threat intelligence data from our Targeted Attack Protection, we deliver new ThreatSim phishing templates to help create simulated attacks that will challenge the user’s ability to respond to the most relevant threats. Administrators can customize the content in any template, or create their own. This flexibility allows organizations to quickly and easily create timely phishing tests that mimic threats seen in the wild and within their own networks.
We strongly suggest that all employees who fall for a ThreatSim Phishing Simulation be automatically presented with an “intervention message” (which we like to call a Teachable Moment). By utilizing “just-in-time teaching” at the moment an employee interacts with a mock phishing email, Teachable Moments explain what happened, outline the dangers associated with real attacks, and give practical advice about avoiding future traps.
We offer several formats — including static and animated landing pages, short videos, and interactive challenges — for our Teachable Moments and allow you to tailor the message as you see fit. A selection of static landing pages is available in 17 languages, which allows your global employees to view key messages in their native languages. You can also opt to route clicks to your own internal messaging.Learn More
We were the first-to-market with this time-saving and behavior changing feature that allows you to automatically assign follow-up training to anyone who falls for a ThreatSim Phishing Simulation. While you can still assign training to everyone, Auto-Enrollment allows you to quickly deliver targeted training to your most susceptible end users first. This approach can dramatically improve the efficiency of your program and engage those who need the most attention.
Multinational support allows administrators to deliver simulated attacks and Teachable Moments in dozens if languages which means you can assess your global employees in their native language.Learn More
Our PhishAlarm® one-click email reporting tool is available to install at no cost. This email client add-in allows employees to report suspicious messages to your security and incident response teams with a single mouse click. We recommend adding our PhishAlarm Analyzer anti-phishing email analysis tool, which utilizes machine learning to prioritize emails reported via PhishAlarm and enables faster remediation of the most dangerous threats on your network.Learn More
System Click Exclusion is a feature built into ThreatSim that identifies and isolates phishing simulation interactions initiated by email protection tools. This patented approach ensures an accurate view of risky end user behaviors and enables productive and efficient security education programs.
What does this provide?
This option allows you to spread out the distribution of phishing simulations to minimize the impact to your email servers and IT helpdesk. Paired with the ability to use multiple simulated attack templates in a single assessment campaign, these functions reduce the chances that employees will figure out – and discuss – the phishing test, which helps provide the purest test of end-user susceptibility.
ThreatSim provides extensive analytics and reporting about employee responses to various phishing attack scenarios. You’ll also know whether employees fell for an attack through a mobile phone, a tablet, or a computer; the browsers they were using; and their locations when they fell for the attack.Learn More
ThreatSim offers an optional Weak Network Egress function, which can help detect data egress from users’ PCs and, as a result, allow security personnel to identify and modify security controls to reduce potential threats. Administrators can also check for browser vulnerabilities with the capability to flag out-of-date (and potentially vulnerable) third-party plug-ins on end-user PCs.