Wizer Phishing Simulation Checklist

Step 1: Log In or Create Your Account

Create your account here!

→ Wizer Training Sign Up

Step 2: Configure Your Email Platform

First, configure your primary email platform to allow Wizer phishing simulation emails.

Choose the guide that matches your environment:

• Google Workspace (Gmail)
  → Wizer – Google Workspace Configuration Guide

• Microsoft 365 (Outlook)
  → Wizer – Microsoft 365 Configuration Guide

This ensures simulation emails are delivered and links are not blocked or rewritten.

Step 3: Configure Internal Email Security Tools (If Applicable)

If your organization uses a third-party email security solution, it must also be configured to allow Wizer simulations.

→ Wizer – Third-Party Email Security Configuration Guide

Watch out for services like Proofpoint, Mimecast, Barracuda, or Microsoft Safe Links.

• Email security gateways

• URL rewriting / time-of-click protection

• Endpoint protection (if applicable)

This prevents emails from being blocked or links from being automatically scanned or clicked.

Step 4: Install the Phishing Report Button

Install the phishing report button so users can report simulated phish correctly (and you can track reporting behavior).

→ Wizer – Phishing Report Button Guide

Step 5: Test with a Phishing Simulation Email

After completing the steps above:

1. Send yourself a test phishing simulation from Wizer.

2. Confirm the email is delivered successfully.

3. Verify links open correctly and activity is tracked as expected.

4. Test reporting using the phishing report button.

Step 6 (Recommended): Send a “Practice” Phishing Drill

Send a drill email to your employees so they know how to use the phishing report button before real campaigns begin.

When creating the campaign, select one of the "drill" templates and send it out!

Troubleshooting: False Clicks

If users appear to click links they did not actually click, this is usually caused by security tools.

→ Wizer – How to Fix False Clicks in Phishing Simulations