REVIEW

Phished Automated Cybersec Awareness Training

Expert Insights’ review of the Phished security awareness training and simulation platform.

Editor's Score
4.5/5

By Craig MacAlpine
Updated Apr 23, 2024

Phished Logo

Expert Insights Verdict

4.5/5

Phished is a dedicated, specialized phishing simulation platform that excels in delivering highly-personalized phishing simulations to individual users, improving accuracy and allowing organizations to identify susceptible users.


Pros
  • The self-learning phishing campaigns are easy to set up and run, freeing up time otherwise spent creating simulation templates, while presenting users with relevant, continuous training.

Cons
  • The platform doesn’t provide an extensive amount of training content.

What Are Phished’s Key Features?

Phished’s core feature is the ability to learn which phishing emails your users are likely to click on using machine learning algorithms. The system uses this data to send out individualized, tailored simulated phishing emails based on historical click patterns, meaning every single user receives a unique phishing test based on their own unique needs.

Admins can automate these campaigns to be sent on a regular basis; Phished recommends they’re sent every 15 days. Simulations cover a variety of threats, including business email compromise, insider threats and spear-phishing—with an option to disable spear-phishing campaigns, which can be controversial amongst end users.

Users can report phishing simulations via a button in their Microsoft 365 mobile and desktop client, or report the email via forwarding when using other email clients. If a user correctly reports an email, they’re congratulated; if they fail to identify a simulation, they’re assigned training at the point of failure on that topic.

Admins can view reports by user and by department into which users are completing their training, reporting emails, clicking on simulations, and entering credentials in fake “phishing” webpages.

Phished Dashboard

Phished Dashboard

Effectiveness

The automated simulation campaigns offered by Phished are incredibly effective. Because phishing simulations are tailored to each users, testing and is much more accurate and realistic than competitor solutions, which commonly send out the same simulation to every single user within the organization. Admins also don’t have to manually configure simulations, as they are automatically tailored to each user.

The Phished Academy training library offers textual training content in the form of articles and limited video content. Admins can also create quizzes within the platform to test their users on what they’ve learnt. Content is delivered automatically if a user fails to identify a simulation. It can also be assigned on demand by admins. While the bite-sized modules are an effective way of delivering learning, there isn’t enough content to provide comprehensive awareness training across a range of topics.

While training modules and simulation templates are available in nine languages, organizations in the US with Spanish speaking employees should be aware this solution offers limited materials in Spanish. The most content is available in Dutch and English.

Welcome to the Phished Academy - introduction to Phished cybersecurity awareness training

Ease Of Management

Because it’s delivered via a web-based console, Phished is very quick to deploy. Users can be onboarded manually, via .csv file upload, or via an Azure Active Directory integration. The platform also offers detailed support on how to integrate Microsoft 365 so that MS Advanced Delivery Protection doesn’t flag simulations as spam.

From the dashboard, admins can add new users, set up simulation campaigns, create Learning Paths for end users to complete, and view reports into simulation results.

Configuring an automated simulation campaign takes a matter of minutes and, once set up, simulations are sent regularly as scheduled without any extra work needed. Admins can create visual reports into simulation results, including a Hall of Fame and Wall of Shame view (top reporters/most phished), and can filter by user department. Admins can also easily generate reports into the training completion status of each user.

Overall, the web console is very intuitive and easy to navigate.

Best Suited For

Phished is a strong choice for organizations looking for effective way to identify and train team members susceptible to phishing attacks with automated phishing simulations, tailored for each individual user.

Phished is effective when running ongoing phishing simulations for a large number of users, while offering the considerable benefit of minimal ongoing management. The solution is particularly well suited for enterprise organizations and MSPs looking for an easy to manage solution with strong phishing simulations.

Our in-house testers also saw benefit in the service being suitable for small- and medium-sized businesses based on the training material offered by Phished, although the solution is primarily targeted at enterprise customers and MSPs.

Final Verdict

Phished is a dedicated, specialized phishing simulation platform that excels in delivering highly-personalized phishing simulations to individual users, improving accuracy and allowing organizations to identify susceptible users.

The platform is easy to navigate and manage, and makes it simple to set up automated campaigns, saving valuable resource compared to other platforms that require more hands-on management.

Tested By: Craig MacAlpine


CEO and Founder, Expert Insights

Craig MacAlpine is CEO and founder of Expert Insights. Before founding Expert Insights in August 2018, Craig spent 10 years as CEO of EPA cloud, an email security provider acquired by Ziff Davies, formerly J2Global (NASQAQ: ZD) in 2013, which has now been rebranded as VIPRE Email Security. Craig has extensive experience in the email security industry, with 20+ years of experience helping organizations to stay secure with innovative information security and cyber security solutions. Craig delivers these insights to readers with detailed product reviews, comparisons and buyers’ guides.

Company Information
Category Icon
Category

Security Awareness Training

Website Icon
Website

phished.io

Founded Icon
Founded

2018

Headquartered Icon
Headquartered

Belgium

Deployment Icon
Deployment

Cloud

Suitable Icon
Suitable

Enterprise & MSP

Phished Automated Cybersec Awareness Training Awards
Product Award Product Award Product Award Product Award Product Award Product Award Product Award Product Award
Phished Automated Cybersec Awareness Training Interviews
Arnout Van de Meulebroucke
Founder and CEO
Read Here