Phishing Simulation

• Smart Phishing Campaign: This is an automated, recurring, multi-round simulation. It sends out different phishing templates to your users over an ongoing schedule (e.g., monthly). It is ideal for continuous testing, seamlessly including new users as they join, and measuring long-term progress.

• One-Time Phishing Campaign: This is a single, targeted test. It is best for running fast, focused tests on specific departments or addressing an immediate, trending phishing threat.

No! Wizer provides a robust library of over 200 ready-to-use phishing templates categorized by Consumer, Corporate, Spear Phishing, and more. The platform also offers curated "Monthly Batches" to keep your templates fresh and relevant to current threats.

Yes! You can fully edit existing templates or design your own from scratch to mimic internal messages or industry-specific threats. You can customize the Sender Name, Subject Line, message body, and the "Landing Page" (the page a user sees if they click the link). You can even add a fake login screen to test if employees will submit their usernames and passwords.

No, users are not notified when a simulation begins. They will only receive notifications when they are formally assigned a Training course, Policy, or Monthly Video.

When setting up delivery, Wizer allows you to spread the email sends across several days and times. This is a highly recommended best practice because it prevents employees from receiving the email at the exact same moment and warning their coworkers about the simulation.

Yes! If you have the Wizer Boost plan, you can enable a feature called Silent Phishing. You will need to contact Wizer Support (support@wizer-training.com) to have this feature activated for your account.

Absolutely! Many organizations choose to run a baseline phishing simulation before assigning any formal training so they can measure the initial risk level of their team and track improvement over time.

To ensure successful delivery, you must configure your email provider (e.g., Microsoft 365, Google Workspace) and any third-party email security tools (e.g., Mimecast, Proofpoint, Barracuda) to whitelist Wizer's IP addresses and domains or enable enable Direct Email Delivery. You can read our guide about it in our Phishing Simulation Checklist.

Wizer provides a Phishing Report Button extension that integrates directly into Google Workspace (Gmail) and Microsoft 365 (Outlook). When employees suspect an email is a phish, they simply click the button. If it’s a Wizer simulation, they will be congratulated for spotting it, and the action will be recorded in your dashboard.

The Wizer dashboard provides real-time, granular analytics. For any campaign, you can track:

• Emails Sent & Emails Opened
• Clicked (Users who clicked the malicious link)
• Phished / Compromised (Users who entered data into a fake login page)
• Reported (Users who correctly used the Phishing Report Button)
• And More!

Yes! Phishing simulations are closely tied to the Wizer LMS. You can easily assign quick, micro-learning follow-up videos or hands-on training for individuals who clicked the link or submitted their credentials, transforming a mistake into a learning opportunity.