Skip to Main Content
Select regional store:
Learn for less: Save 10% on high-quality foundation and auditor training. Find out more
Simulated Phishing Attack

Simulated Phishing Attack

SKU: 4451
Format: Penetration test

This Simulated Phishing Attack will establish whether your employees are vulnerable to phishing emails, enabling you to take immediate remedial action to improve your cybersecurity posture.

From just $4,200, this test simulates a real-world phishing attack on up to 1,200 of your employees. Book your test today.

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account. Apply online today or call our service center team on +1 877 317 3454.

Inquire about this service

How would your staff respond to a phishing attack?

This service assesses your staff’s awareness of phishing threats by simulating phishing emails that can range from unsophisticated to a highly targeted campaign. We will capture a wide range of statistics to help evaluate your employees’ awareness. These will be detailed in a report that also identifies business and technical risk, and advises on how to improve staff awareness.

Entirely customized to your needs, this test will allow you to define:

  • The type of attack you wish to deploy
  • Who the targets should be
  • The metrics you would like to measure

We will design and build the attack based on your requirements. This usually involves setting up a domain from which to send the phishing email, which may be designed to closely resemble one of your own domains, developing a template to mimic your organization’s email templates or those of trusted suppliers, building web pages for phishing emails to direct to, and so on.

Download the full service description

Receive a comprehensive report

At the end of the test, you will receive a comprehensive report broken down into:

Executive summary

High-level, non-technical summary of your business’s risks.

Assessment details

When the assessment was performed, the type of assessment, the scope of the assessment, and the assessment objectives.

Phishing template

Details of the template and landing page used, how it was designed, and how users could identify that it was a phishing campaign.


Overview, consultant’s commentary, and detailed breakdown of the results, including the number of users who submitted data to the phishing campaign and your overall risk score. This can also be broken down by department and compared against other results.

Download the full service description

Who is this service for?

This service is suitable for organizations that want to understand their staff’s awareness levels or test the effectiveness of their phishing training.

The test simulates a real-world phishing attack on up to 1,200 of your employees, using one phishing template. Price will depend on the number of users targeted.

For a more tailored attack, which could involve multiple attacks/templates and building trusted relationships with users, please contact us for a custom quote.


Benefits of the Simulated Phishing Attack

Get real-world insight into your vulnerabilities

Identify and understand your employees’ susceptibility to phishing attacks and the business impacts this presents. Quickly find out if there is an internal awareness problem and determine subsequent staff awareness training – an effective way to change end-user behavior.

Demonstrate strength to key stakeholders

Demonstrate a strong security posture to clients by providing third-party assurances.

Safeguard your organization

From the detailed report, you will be able to implement secure measures, thereby reducing the likelihood of a security breach while protecting your brand.

Supports best practice

Supports compliance with ISO 27001, NIST guidance, the PCI DSS (Payment Card Industry Data Security Standard), and other laws, regulations, and contractual obligations.

Technical and non-technical descriptions

Our expert consultant will provide you with updates throughout the project from both technical and non-technical perspectives.

Finding vulnerabilities since 2010

Our established penetration testing team has amassed extensive testing experience that ensures clients receive a comprehensive service.

Why IT Governance USA?

Why IT Governance USA?

  • Our CREST-certified penetration testing team will provide you with clarity and technical expertise, as well as peace of mind.
  • Get one-to-one expert advice at any stage of the engagement, along with an end-of-test debrief and answers to queries following the issue of the report.
  • Our detailed reports describe any identified business risks from both technical and non-technical perspectives.
  • Our established and experienced penetration testing team has been operational since 2010, amassing extensive testing experience that ensures clients receive a comprehensive service.

Customer reviews

This website uses cookies. View our cookie policy