Hi Cer, we're here to help.

What is Go Phish!?

Go Phish! is a virtual phishing simulator that allows users to practice identifying phishing and non-phishing emails in a simulated inbox accessible via their desktop or mobile browser. It's designed to help organizations educate their employees on cybersecurity awareness by providing interactive assessments that mimic real-world phishing scenarios.

How does Go Phish! work for organizations?

Organizations can sign up for Go Phish! by creating an account as an organization admin. Once registered, admins can add or import their users' email addresses and set their preferred language for the assessments. They can then create phishing simulation campaigns by selecting from premade phishing and non-phishing emails or by using the Go Phish! AI to generate new ones in their chosen language.

How do I create a phishing simulation campaign?

To create a campaign: 1. Add Users: Import or manually add the email addresses of your organization's users. 2. Select Emails: Choose from existing phishing and non-phishing email templates or generate new ones using the Go Phish! AI. 3. Target Groups: Select the target audience for the campaign, such as specific departments or the entire organization. 4. Launch Campaign: Once you've configured the settings, launch the campaign. The assessment period will start immediately and run for 7 days.

How do users participate in the assessments?

Users will receive an email invitation to take the assessment. The email contains a one-time link that opens their virtual inbox. Upon starting the assessment, users have 10 minutes to review and flag emails as phishing or legitimate. They can complete the assessment by clicking the "I'm done" button or by letting the timer expire, after which their selections will be submitted automatically. Users can also access the assessment from their personal dashboard if they log in directly.

Can users see their assessment results?

Yes, after completing the assessment, users can view their pass/fail status on their personal dashboard. However, only the organization admin will have access to detailed reports indicating which specific emails were incorrectly flagged or missed by the user.

What happens after the assessment period ends?

Once the 7-day assessment period concludes, all users will receive an email containing a detailed analysis. An AI-generated explanation will highlight which emails were phishing attempts and provide insights into the distinguishing features that signaled they were malicious, as well as explanations for the legitimate emails. Users can also access this analysis from their personal dashboard.

How does Go Phish! benefit organizations over traditional phishing simulations?

Go Phish! ensures that all users participate in the phishing assessments by providing a controlled, simulated inbox environment. Unlike traditional phishing simulations that send emails to users' actual inboxes—where emails might be missed, ignored, or filtered by spam detectors—Go Phish! guarantees engagement and provides comprehensive data on user performance. This approach enables organizations to effectively track improvements over time and tailor their cybersecurity training accordingly.

How can organization admins track performance over time?

Organization admins have access to a dashboard that displays detailed analytics on user performance across multiple campaigns. This includes metrics on how well users are identifying phishing emails, common pitfalls, and improvement trends over time. This data helps organizations measure the effectiveness of their cybersecurity training efforts and identify areas that may need additional focus.

Is Go Phish! customizable for different languages and departments?

Yes, Go Phish! supports multiple languages, allowing organizations to set their target language for assessments. Additionally, campaigns can be targeted to specific user groups or departments, such as Sales, IT, or HR, enabling more tailored phishing scenarios relevant to different roles within the organization.

How secure is user data within Go Phish!?

Go Phish! takes data security seriously. User data and assessment results are stored securely and are only accessible to authorized organization admins. The platform complies with industry-standard security practices to protect sensitive information.

Can Go Phish! generate custom phishing emails?

Absolutely. Organization admins can leverage the Go Phish! AI to create custom phishing and non-phishing emails in their preferred language. This feature allows for more realistic and targeted phishing scenarios that can challenge users and enhance their ability to recognize sophisticated phishing attempts.

How often should organizations run phishing simulation campaigns?

While there's no one-size-fits-all answer, it is recommended that organizations run regular phishing simulation campaigns to continuously assess and improve their users' cybersecurity awareness. Frequent campaigns help reinforce good practices and ensure that employees remain vigilant against potential threats.