Gone phishing… Our experience

Gone phishing… Our experience
Charlotte Bourguignon

We have combined the results of 125.940 phishing simulations that were launched within companies from a diverse set of industries.

What is phishing?

Phishing is used by criminals to install malicious software on your computer or to steal your password. In an e-mail or other communication, you are usually asked to click on a link, enter your password on a fake website or to open an attachment. The communication is made to look as though it comes from a trusted sender.

How do our phishing campaigns work?


We start with a baseline test, this is the first step in creating awareness. The baseline test will identify the Phish-prone percentage of employees and the data will be used to measure future success.

STEP 2: E-learning

Security Awareness e-learning educate employees on how to recognize phishing and how to respond.


To reinforce the training and keep the awareness level high, regular simulated attacks are key. These attacks are based on real attacks and latest methodologies.


Measuring employees training activity and phishing results. This allows us to identify the most vulnerable employees and to target them more efficiently.

Our Experience

  • 50% of phishing messages were opened by the target across all campaigns
  • 27% went on to click the malicious attachment or link
  • 10% entered their password or other confidential information

Create your human firewall

The above results show a significant drop from 35% to 12% over the period of one year. This proves that phishing simulation campaigns are key in creating awareness amongst employees and protecting your company.

Ready to start phishing your employees? Find out what percentage of your employees click on a phishing e-mail and enter their password. Identify vulnerabilities within your company. Start today!