Frequently Asked Questions
Questions & answers about our phishing simulation platform!
Yes. We offer all prospective clients the opportunity to test the system. Please contact us and we will gladly demo the system, answer any questions that you may have and provide you with a trial account.
Yes, but we like to schedule time to discuss your needs and conduct a short demo of the system. We want to determine your specific needs so that we can ensure the system meets those needs. In the long run, this saves both of us time.
We do not limit the number of users or administrators that you may have on the system. You may have as many users or administrators as you deem necessary.
For a multi-client account, your account will be established based on the number of targets that you intend to test. This calculation is not based on specific clients, but the total number of individual emails you send during testing.
Yes. PhishingBox allows you to create “groups” to test specific segments. You can then report the test results by these groups.
Yes. PhishingBox was designed by auditors to perform social engineering testing for multiple clients. From the initial concept in 2006, PhishingBox was configured to allow an audit company to manage testing engagements for multiple clients via a single interface.
Yes and we will help you through the process or provide you with the names of quality audit and security firms that will provide testing using the PhishingBox platform. Contact us is you would like to be connected with one of these firms.
No. PhishingBox is a web-based system. Users access the system via a standard web browser.
No. PhishingBox is very easy to use. Although we provide access to advanced features, a novice security professional can use PhishingBox with very little training.
Yes. We offer phone and email support for all users. We will conduct web-based training upon request, or if a support issue warrants such training.
It depends on your organization. It is much like vulnerability scans. Even though an audit or security firm may perform such tests annually, it does not mean that a company has no need to perform such tests more frequently. Contact Us if you would like to discuss your specific situation.
It depends on how you configured your test. There are multiple options available. You can display nothing to the user, you can provide the user a message, or you may redirect the user another page, such as a training site, or a combination of a message and a redirect.
We allow the process to be self-managed, but we also offer a fully ‘Managed Service’ option.
- Self-Managed: Our company provides one-on-one training and support for all our customers, and we will personally walk you through every campaign if needed.
- Managed Service:
- PhishingBox can also act as the administrator of the platform for your company. With PhishingBox Managed Services, you will be assigned a dedicated Customer Support Engineer, who will work with you and your Account Manager, to design and implement a specific security awareness and training program. It’s your program, exactly your way – without the additional workload. We develop a plan that covers everything from implementation to execution to measurement. Your primary focus can be on the reports and actionable data generated by campaigns, which you can use to improve your overall end-user security plan.
- This resource is in addition to the PhishingBox Simulation service.
Once you become an official PhishingBox client, we will have your account fully setup within an hour. Your initial account setup, population of target users, LMS integration, and campaign creation will take about 2-3 hours. Moving forward, customizing and sending out additional campaigns takes 10 minutes or less.
Absolutely. We encourage our MSP client’s to Private Label any/all of our PhishingBox marketing and sales collateral. When new client’s sign up with us, we send over a full Reseller Packet for them to use as needed.
- Single Company Licenses are for organizations to conduct phishing simulations (tests) on their internal employees. These accounts typically only have one domain name associated with their phishing campaigns (@company.com), and licenses can either be purchased on a ’Per User’ or ‘Email Allocation’ basis. The ‘Per User’ option allows for unlimited testing throughout the year on all users, while the ‘Email Allocation’ option is restricted to the total number of emails sent out, not the total number of users.
- Multi-Client Licenses are for companies that manage services for their clients and resell other company’s software. They generally run tests on behalf of their clients and will have multiple domain names associated with the tests. Multi-Client accounts are only sold as an ‘Email Allocation’ option.
- You can fully customize any of our existing scenarios / phishing campaigns to fit your exact needs and language preference. We also constantly add new scenarios according to current trends in phishing attacks and cybersecurity. These are also fully customizable / editable.
- Alternatively, you can easily create templates/scenarios from scratch. Training and support are also free for the lifetime of our agreement.