Phishing Campaigns & PaaS

With Phishing on the increase it is important to know how your organisation is at risk.

Don’t sit back and wait for the breach, the time to test your organisation and train your staff is now. All it can take is one press of a link or the disclosure of one set of valid employee credentials to bring an organisation into a crisis. We work closely with an organisation to bring employee testing and targeted training together.


Realistic Simulated Phishing Attack 

Assessing who is susceptible to these techniques and who requires training can be a managed over a period of time in a simulation of a real phishing attack campaign. Full analytics will be provided with assessments to report which users have logged on to a cloned portal or clicked on a link inside an email.

  • Externally facing portals cloned
  • Credentials harvested and reported on
  • Several levels of Phishing email simulations.
  • Can be combined with other kinds of Social Engineering assessments.
  • A focus on user training and staff induction programs.
  • Increased training available to VIP and key personnel within an organisation

Realistic means exactly that! We run this assessment like a criminal would. We start with next to no knowledge of the target organisation and work towards uncovering the details of your employees through OSINT. The final stages will see extremely complex phishing emails being used. Spear phishing has gained popularity but we go further than this. Crafting online personas and relevant situations and real-world events that reinforce an emails credibility.

When you really need to gain access to an organisation ‘in the wild’, you will stop at nothing. We replicate this determination and it forces us to test our clients harder, stealing some of the most ingenious and devious ideas from current phishing attacks.

We can also adapt our testing style to focus on click rate statistics and employee benchmarking. A real attack is significantly different from user testing so it will be essential to gather further information before commissioning work.



PaaS – Phishing-As-A-Service

PasS brings a high-quality phishing service to the hands of your business and can be scaled out in plans suitable for your testing needs. A one off setup fee per organisation, per year, is charged and unlimited phishing assessments can be conducted free of charge at this point on a DIY basis. There has never been a more apt time to use the proverb:

“give a man a fish and you feed him for a day; teach a man to fish and you feed him for a lifetime”

Unlike our consultant led Realistic Simulated Phishing Attacks, PaaS is a totally DIY solution offering you the chance to meaningfully test your staff on a regular basis.

  • Full Phishing portal setup
  • Unlimited* Phishing Emails (*Fair use applied <250,000 P/A)
  • Includes 5 company bespoke designs for phishing emails
  • Includes 3 company bespoke phishing portals
  • Individual VPS that has been hardened and is regularly tested
  • Full documentation and support
  • Free domain name of your choice (Not exceeding £50 P/A)




Make contact today to discuss any of these options.

Further reading can be found in our informational PDF Download_PDF