You are here:

Simulated Phishing Attack What To Expect

Wizard Cyber will perform a simulated phishing attack to determine your organisation’s current susceptibility to this type of attack, identifying the groups of users most at risk.

Our team of penetration testers will come up with a range of phishing scenarios. We use various techniques, but they generally involve sending an email to random, or in some cases nominated, personnel. The email asks the targeted employees to take certain actions that will result in them giving sensitive information such as usernames and passwords. The responses and any information contained within will be intercepted and assessed while redirecting users to prevent suspicion.

The identified vulnerabilities are presented in a format that allows an organisation to assess the resistance of its employees to a phishing attack.



Phishing attacks are quick and easy to implement and deliver an enormous return on investment, which has motivated criminals to create increasingly sophisticated and creative phishing ‘lures’. These are often indistinguishable from genuine emails, text messages or phone calls; in general, affected users don’t report the compromise until it is too late, inflicting enormous damage on your organisation. Senior management need regular assurance that staff have been properly trained on how to spot phishing emails, and the only real way to achieve this is through a simulated phishing attack.


Here are some questions we are often asked to help you decide.

  • A consultation to determine the extent of the phishing simulation and understand your requirements.
  • Design and development of a targeted phishing campaign that simulates a popular phishing attack vector (e.g. a ‘drive-by download’). The actual vector deployed will be agreed after a scoping discussion with the client.
  • Carefully designed, non-destructive attacks target IT users of your choice and measure the results.
  • Our experienced consultants interpret the results to provide trend analysis and highlight problem areas such as department or location.
  • Full report breakdown at the end to show individual user behaviour

We do NOT use any templates or take a cookie cutter approach with our phishing simulation. All of our campaigns are unique to the customer and tailored to fit your business and requirements.

If you have any further questions regarding Incident response management, please contact us via email info@wizardcyber.com or 0333 311 0121 

Contact us for more information

Please fill out the form below or call us directly on +44 (0) 333 311 0121.