The Phishing Exercise is a mix of 10 phishing and regular emails from 34 templates in total. This engaging activity boosts employees' cybersecurity awareness, teaching them to identify and respond to phishing attempts effectively.
There are 34 templates in total, and 6 of them have a new type - SMS. The templates in the Phishing Exercise are displayed to the users in mixed order (every exercise is unique for every user) to determine which is legit or phishing by clicking the specific buttons (Call&Verify, Check Official App, Report Phishing, and Looks Legit).
The user has to check the sender's domain, hover over the links, pay attention to the grammar, and determine which action is the most suitable for the situation. After each answer (no matter if it is correct or not) there are several tips messages explaining the details. Each user needs to reach at least 7 out of 10 correct to pass the Phishing Exercise.
For more information about how a user completes the phishing exercise in the Employee app, please visit the article How Does A User Complete Phishing Exercise? from our Knowledge Base. Once a user completes the Phishing Exercise and gets the score, it is impossible to repeat it. Users can restart the exercise before they answer the last question.
To assign the Phishing Exercise please, go to the Training left side-bar menu, choose the Phishing Exercise section, and click on Enable Exercise.
In the Settings section, you should choose the audience: all users, departments, or groups. Choosing all users, newly assigned users will be automatically assigned to the task. Selected departments or groups cannot be removed after the settings are saved and the campaign starts.
Please note, that only one campaign may be active at a time, so it is highly recommended to start it for All Users.
The notification messages are customized, so you can edit the subject and the message for the notification email for users. Reminders can be changed here.
You may also set up the period of task completion for the Phishing Exercise campaign (7, 30, or custom number of days). The period of task completion is a symbolic number, so the users tend to complete the task in a certain period. The count of days for users starts since the Phishing Exercise is set up by the admin. However, after the period is over, the task will not disappear from the outstanding tasks bar in the Learner Console. It will be marked as overdue.
After choosing the period option and the auditory, click the "START EXERCISE" button to set up the campaign and confirm the action.
With an activated feature of the dynamic group "Phished Users", all users who clicked the phishing link from the simulation phishing campaigns will be added to the group "Phished Users" and will be automatically assigned to the Phishing Exercise and Phishing Simulation campaign.
While the Phishing Exercise campaign is activated, the admin can check the results above, clicking on them an admin gets access to 2 types of reports.
The results can be filtered by email, name, status, points, departments, or groups. The report can be downloaded in a CSV file by clicking the "DOWNLOAD" button.
The report "DEPARTMENTS" contains information about departments' names, the number of users assigned, and the number of users who passed, failed, and started the exercise (can be ranged). The report can be downloaded as a CSV file by clicking the "DOWNLOAD" button.
To stop the Phishing Exercise, click the "END EXERCISE" button and confirm the action.
If the admin turns off the campaign, all assigned users will lose access to the Phishing Exercise in the Employee App.
The admin can switch to the Learner App by clicking the "Learner Login" button on the right top corner of the Phishing Exercise page and complete the task by themselves.
Any questions? Please communicate with our support specialists at support@wizer-training.com
Best regards,