Phishing assessments are a powerful way to measure the organisation awareness and to reinforce key learning objectives. The assessment focus to exploit the weakest link in the golden triangle, i.e. People and attempt to gain access to the organisation network through compromised credentials. The assessment is conducted externally over the Internet, replicating the real path and behavior of an attacker.

Security Simplified customises its approach for each phishing assessment depending on the target audience, organisation culture in regard to Information Security and the frequency of user awareness training conducted within the organisation.

Each assessment identifies:

  • How many users opened and read the phishing email?
  • How many users opened and clicked the phishing email link but did not entered the credentials?
  • How many users click and enter their user credentials?
  • What level of compromise could be achieved with one set of credentials?

Our Methodology

Target Analysis

Subdomain Enumeration

Shortlist Target to Create a Fake Phishing Website

Develop Pretext

Suggest Phishing Domain

Customer Approval

Design Phishing Website and Email

Register Domain Name & Host Website

Final Customer Approval

Trigger on Approved Date/Time

Capture User Credentials

Collect Statistics



  • Executive summary for the management
  • Phishing Campaign Overview & Observations
  • Phishing Statistics Report
  • Recommendations & next steps

Want to work with us?

Do you need help finding information or want to know more about what Security Simplified services can do for you?


Copyright @2022 Security Simplified Limited