FREQUENTLY ASKED QUESTIONS
PHISHING SIMULATIONS
What is a Phishing Simulation?
Phishing Simulations are campaigns in which fake “phishing” emails are created based on typical phishing attempts organizations regularly find themselves facing. They are most commonly delivered as part of a security awareness training program and provide the best results for preparing people for a wide range of cybersecurity threats.
Why should companies use phishing simulations?
Phishing simulations are important because they keep the company informed on two fronts:
- Simulations keep the employees informed on phishing threats and help them stay vigilant in spotting threats in their inbox.
- Simulations show the company who in their organization has the highest risk of being phished and it shows what types of attacks they are most vulnerable to….or at least they do if the company is using Phishfirewall.
That kind of education and intelligence ensures that companies can very quickly adapt to the way they handle real threats.
What are the benefits of building simulations into my security awareness training program?
Greater than 90% of all cyber breaches start with human error. Malware, viruses, ransomeware, all start with a single careless click on the wrong link.
The knowledge gap between knowing what a phishing attack is and actually recognizing one in the moment, remains critical at most companies.
By sending phishing simulations to your employees, they’re better protected when facing the real thing. Within a controlled environment, employees are offered the room for error and experimentation, without the consequences of an actual hack.
How are PhishFirewall simulations different?
PhishFirewall’s simulations have a number of advantages over the competitions’:
- Our leadership difference. We use a real hacker’s perspective when building out our simulations and we stay up to date on both the most popular types of attacks and the new types that could be a threat in the future.
- Getting started with us is headache free. Our technology fits neatly into any existing tech stack and is easy to start using right away. Our system for running phishing attacks and education is also fully automated and customizable, so your team doesn’t have to worry about micromanaging campaigns or content systems.
- Our fully automated system uses a better approach for delivering education for employees thanks to our policy on positive reinforcement and education over punitive measures. We’re the only solution on the market with a sub 1% phish click rate and a big part of that is our ability to directly deliver meaningful education to users as soon as they click a phish.
- Our Cyber Coach AI, LORA, can personalize education for each member of your team based on their phishing history. High risk users receive more relevant education that breaks down what to watch out for, while low risk users are given more checkups that mention their success while also building their knowledge on potential threats.
- Our metrics can be viewed at anytime and they aren’t campaign based. You get a constant, realtime, and holistic view of your company’s susceptibility to phishing attacks whenever you want or need it with our analytics dashboard. Those data points include phish risk information by physical location, by department, or even by individual employees.
How should companies view their PhishFirewall simulation data?
All data can be viewed through the PhishFirewall customer portal. New customers can click here to check out a full demo of our analytics platform, which walks you through the different data we monitor and present for your company.
Existing customers can access your portal by clicking here, or by selecting the portal button at the top of the page in the header.
What browsers are supported?
We support all current modern browsers, including Edge, Chrome, Mozilla, Safari, and more. If you have any older browser versions that need support you can reach out to our team and we can test them internally to make sure we are able to fully support your team.
Is PhishFirewall compatible with existing learning management systems?
Toggle Content goes here
How scalable are PhishFirewall’s simulations?
We’re able to easily integrate with and serve any sized business. PhishFirewall’s portal is cloud based and can be scaled to meet any number of users and any size of enterprise.
How does PhishFirewall protect their customer’s data?
Toggle Content goes here
What is the pricing for PhishFirewall?
Our pricing model is based on the number of users you want to add into your system, making it easier to provide a quote through a very quick consultation with our experts. For a full comprehensive breakdown of pricing, you can contact our team by clicking here!
What are the payment options for PhishFirewall?
Toggle Content goes here
Are companies able to add internal branding to their PhishFirewall portal / content?
Yes! PhishFirewall’s system does allow you to add your company’s internal branding. You can submit the branding request through our customer success team contact for your company at anytime and we will implement it into future content delivered for your employees.
Can we recommend feature additions?
Absolutely. PhishFirewall puts customer success at the forefront of our model and we’re happy to dive into your needs when we begin working together.
PLATFORM SUPPORT FAQs
How do I use my Account Owner login?
After onboarding, the Account owner will have a meeting with the PhishFirewall team. During this meeting we go over how to use the analytics dashboard and we issue the new account by sending out an introductory email, as well as a temporary password to sign into the customer portal.
You can then access the dashboard at anytime by using the customer portal button in the header on our main website.
How do I sign-up new users?
We have an Active Directory Sync tool for sign up that integrates into your existing tech stack and can sync with your existing database. Out of box we can sync with Microsoft Azure, Microsoft 365, Microsoft thick client, and Google, but we can also add further integrations for any client’s needs.
We also support manually adding users through a CSV. You will need to send us a CSV that contains the required user’s information. If your organization is not using PhishFirewall’s Active Directory Sync, we will need the following information about your users in a CSV file: (PS the add and remove user function should be in our customer portal soon)
- Full Name
- Email Address
- Department
- Job Title
- Location
- Supervisor
- Employee ID # or Active Directory Username
(No sensitive information, such as Social Security Numbers, please) Names change on occasion, so we will need unique identifiers that will not change to track and correlate user data.
How do I use the reporting app?
Every user in the PhishFirewall system will be able to add our reporting application as an extension in their preferred email inbox service. Once installed, they will have a reporting button in their inbox that they can use to report any email they believe to be a phish, either simulated or legitimate, and it will be sent to our systems so that we can either automatically deliver education and kudos for the user, or alert your IT team to a phishing threat.
How do I submit a Support Ticket?
A full fledged support ticket system is on the way for our customer portal, but for the meantime you can send any support requests directly to our support team at support@phishfirewall.com