{"id":25073,"date":"2021-04-12T08:58:38","date_gmt":"2021-04-12T06:58:38","guid":{"rendered":"https:\/\/smartfense.com\/?p=25073"},"modified":"2024-07-17T17:38:48","modified_gmt":"2024-07-17T15:38:48","slug":"do-you-really-know-what-a-phishing-simulation-is-are-you-sure","status":"publish","type":"post","link":"https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/","title":{"rendered":"Do you really know what a phishing simulation is? Are you sure?"},"content":{"rendered":"<h1>What is a Phishing Simulation?<\/h1>\n<p>Many cybersecurity or IT managers look for phishing simulation platforms to analyze the likelihood that their organization\u2019s users will fall for social engineering traps. However, we often need to remember how they work or what they specifically entail.<\/p>\n<p>A <strong>simulation<\/strong> replicates the behavior of a real cyberattack in the following aspects:<\/p>\n<ul>\n<li><strong>Duration<\/strong> of the campaign, usually a few hours<\/li>\n<li><strong>Medium<\/strong> used to deliver the attack, generally via email<\/li>\n<li>Presence of <strong>social engineering techniques<\/strong> in the headers and body of the message<\/li>\n<li>Use of <strong>links<\/strong> or <strong>attachments<\/strong><\/li>\n<li>Use of <strong>fake websites<\/strong> that mimic real ones<\/li>\n<li><strong>Measurement<\/strong> of user actions, such as opening the email, clicking on a link, etc.<\/li>\n<\/ul>\n<p>But there is an important difference: a simulation <strong>does not capture sensitive information<\/strong> and is harmless to the end user or organization.<\/p>\n<p>Real phishing attacks typically end when the cybercriminal captures, for example, the user&#8217;s credentials. In contrast, a simulation might display an educational message after the user performs a risky action, like submitting private information in a form.<\/p>\n<h2>Phishing Simulations Simulate&#8230; Phishing<\/h2>\n<p>The main function of a phishing simulation is to behave like real phishing.<\/p>\n<p>However, many people expect something different. For instance, that <a href=\"https:\/\/smartfense.com\/cuanto-duran-las-campanas-de-phishing\/\" target=\"_blank\" rel=\"noopener\"><strong>the campaigns last a month<\/strong><\/a>, that they <a href=\"https:\/\/smartfense.com\/la-simulacion-de-phishing-de-oro-o-como-interpretamos-de-manera-incorrecta-los-resultados-de-nuestras-pruebas\/\" target=\"_blank\" rel=\"noopener\">trick as many users as possible<\/a>, or that the simulation emails are not detected by security technologies.<\/p>\n<p>This expectation is not consistent with reality. <strong>If we want to simulate a phishing trap, it must behave like real phishing.<\/strong><\/p>\n<p><img fetchpriority=\"high\" decoding=\"async\" class=\"size-full wp-image-9468 aligncenter\" src=\"https:\/\/smartfense.com\/file\/2021\/04\/helado.png\" alt=\"\" width=\"640\" height=\"367\" srcset=\"https:\/\/smartfense.com\/file\/2021\/04\/helado.png 640w, https:\/\/smartfense.com\/file\/2021\/04\/helado-300x172.png 300w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><\/p>\n<h2>What Do We Want to Measure?<\/h2>\n<p>The ultimate goal of a phishing simulation is to <strong>measure user behavior to understand the organization&#8217;s risk level.<\/strong><\/p>\n<p>Why do we emphasize this point? Mainly because if we want to know how our users would behave in a real attack, <strong>we must ensure that the user group we want to evaluate receives the phishing email.<\/strong><\/p>\n<p>Frequently, security or IT managers expect simulations to reach the user&#8217;s inbox bypassing all the organization&#8217;s technological barriers without any whitelist process. Sometimes this happens, sometimes it doesn&#8217;t (just like real phishing), but the only thing we achieve with this approach is obtaining an <strong>incorrect result about our users&#8217; risk level.<\/strong><\/p>\n<p>A phishing simulation is not used to measure whether the organization&#8217;s <strong>security tools<\/strong> work. It is used to measure the behavior, conduct, and actions of <strong>people<\/strong>. Therefore, we highlight the importance of configuring the <strong>appropriate whitelists<\/strong> so that we can measure what needs to be measured.<\/p>\n<h2>Whitelist and SPAM<\/h2>\n<p>The <strong>whitelist process<\/strong> is among the <a href=\"https:\/\/smartfense.com\/blog\/checklist-rapido-para-crear-su-primera-campana-de-phishing\/\" target=\"_blank\" rel=\"noopener\">steps to consider<\/a> when creating the first phishing simulation campaigns.<\/p>\n<p>One of the goals of the whitelist is that the phishing email reaches the user&#8217;s inbox directly and <strong>does not fall into SPAM.<\/strong><\/p>\n<p><img decoding=\"async\" class=\"size-full wp-image-9473 aligncenter\" src=\"https:\/\/smartfense.com\/file\/2021\/04\/herramienta_seguridad.png\" alt=\"\" width=\"602\" height=\"226\" srcset=\"https:\/\/smartfense.com\/file\/2021\/04\/herramienta_seguridad.png 602w, https:\/\/smartfense.com\/file\/2021\/04\/herramienta_seguridad-300x113.png 300w\" sizes=\"(max-width: 602px) 100vw, 602px\" \/><\/p>\n<p>It is also used to prevent security tools from interacting with the simulation emails, <strong>generating statistics on behalf of the users<\/strong>, a very common situation.<\/p>\n<p>Specifically, what happens is that phishing simulation emails contain unique links that uniquely identify a user within a campaign and <strong>serve to detect the interactions that the user makes<\/strong>, and therefore, <strong>measure their behavior.<\/strong><\/p>\n<p>Without an adequate whitelist process, security tools <strong>query these links<\/strong> one or more times, <strong>thus generating false interactions on behalf of the user<\/strong> to whom the simulation was directed.<\/p>\n<p>Ultimately, they prevent the measurement of user behavior, which is the goal of the simulation.<\/p>\n<p><img decoding=\"async\" class=\"size-full wp-image-9478 aligncenter\" src=\"https:\/\/smartfense.com\/file\/2021\/04\/herramienta_seguridad01.png\" alt=\"\" width=\"602\" height=\"269\" srcset=\"https:\/\/smartfense.com\/file\/2021\/04\/herramienta_seguridad01.png 602w, https:\/\/smartfense.com\/file\/2021\/04\/herramienta_seguridad01-300x134.png 300w\" sizes=\"(max-width: 602px) 100vw, 602px\" \/><\/p>\n<p>A correct whitelist process for the domains and IPs used in phishing simulations will allow us to <strong>obtain a clean and useful result<\/strong> from our simulations.<\/p>\n<h2>Test Campaigns<\/h2>\n<p>To know if our whitelist process is working correctly and we have considered all relevant tools, we must conduct test phishing simulation campaigns. These campaigns <strong>should not affect our awareness program&#8217;s statistics<\/strong>, and they allow us to ensure everything is in order before launching our real campaign.<\/p>\n<p>Test campaigns are a good practice to consider <strong>before launching each phishing simulation campaign<\/strong>. It is not enough to do it only once after implementing the whitelists, as it is very common for security tools to update, change, add, or remove. This situation has the potential to ruin an entire campaign. And it does.<\/p>\n<p>Therefore, we recommend conducting test campaigns when <strong>evaluating<\/strong> which phishing simulation scenario to send and the <strong>day before the simulation<\/strong>.<\/p>\n<h2>Other Security Warnings<\/h2>\n<p>After implementing the whitelist in all relevant systems and the email client, users receive the simulations in their inbox in most cases.<\/p>\n<p>At this point, the following situation may occur: upon opening the simulated phishing email, they <strong>find a security warning<\/strong> indicating that the message is suspicious.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-9483 aligncenter\" src=\"https:\/\/smartfense.com\/file\/2021\/04\/phishing_correo.png\" alt=\"\" width=\"645\" height=\"279\" srcset=\"https:\/\/smartfense.com\/file\/2021\/04\/phishing_correo.png 645w, https:\/\/smartfense.com\/file\/2021\/04\/phishing_correo-300x130.png 300w\" sizes=\"(max-width: 645px) 100vw, 645px\" \/><\/p>\n<p>These types of warnings <strong>are independent of the simulation tool used<\/strong>. Their presence is conditioned by:<\/p>\n<ul>\n<li>The <strong>email client<\/strong><\/li>\n<li>The <strong>whitelist configuration options<\/strong> it provides<\/li>\n<li>The <strong>configurations<\/strong> of each user regarding the email client and the actions the user particularly takes on emails, such as marking a sender as SPAM.<\/li>\n<li>The result of the analysis that security tools perform on the email, including:\n<ul>\n<li>The content of the <strong>FROM, CC, BCC, Reply To<\/strong> fields, and other email headers like Return-Path<\/li>\n<li>The result of validating the email against security protocols like <strong>SPF, DKIM, and DMARC<\/strong><\/li>\n<li>The <strong>words or phrases<\/strong> used in the subject or body of the email<\/li>\n<li>The presence or absence of <strong>links<\/strong>, their reputation, and characteristics, such as whether they are shortened or not<\/li>\n<li>The presence or absence of <strong>attachments<\/strong>, their name, extension, and content<\/li>\n<li>The presence or absence of <strong>images<\/strong> in the email, their relation to recognized organizations, the URLs they reference, etc.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>How to Remove These Warnings?<\/h2>\n<p>These types of security warnings <strong>are not a bug, malfunction, or error of the phishing simulation solutions<\/strong>, but the result of their interaction with other social engineering protection technologies. They cannot be avoided 100% as this depends on the evolution and specific adjustments of the attack and defense tools.<\/p>\n<p>It is most common that the email client <strong>does not provide a direct method to remove them<\/strong>, and for this reason, the recommendation is to keep them because we cannot control when or how they are shown to some users. Their presence depends on the analysis of a <strong>very broad and constantly changing set of factors.<\/strong> In practice, it can be observed that <strong>even within an organization<\/strong>, the same user on the same email sometimes sees a security warning and sometimes does not.<\/p>\n<p>Ultimately, these warnings are present because we are simulating a real phishing, <strong>and therefore it is correct to measure our users&#8217; behavior in this scenario.<\/strong><\/p>\n<h2>Final Considerations<\/h2>\n<p>Phishing simulations are an essential tool in today&#8217;s reality, where phishing <strong>holds the main place in all cybersecurity reports<\/strong> over the past decade.<\/p>\n<p>Measuring our users&#8217; behavior and taking actions to foster a secure culture is the right path to addressing this risk and <strong>reducing both its likelihood and impact.<\/strong><\/p>\n<p>Understanding how this measurement technique interacts with other technologies is key to maintaining focus on what is relevant: the evolution of user habits.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>What is a Phishing Simulation? Many cybersecurity or IT managers look for phishing simulation platforms to analyze the likelihood that their organization\u2019s users will fall for social engineering traps. However, [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":22974,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[686],"tags":[510,1140,1135,1136,849,1138,1130,1139,1137],"class_list":["post-25073","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","tag-best-practices","tag-cyber-attack-simulation","tag-cybersecurity","tag-it-security","tag-phishing-en","tag-phishing-attack","tag-phishing-simulation","tag-security-awareness","tag-social-engineering"],"acf":[],"yoast_head":" \n<title>Do you really know what a phishing simulation is? Are you sure? - SMARTFENSE - Awareness in Cyber Security<\/title>\n<meta name=\"description\" content=\"best practices, Cyber Attack Simulation, Cybersecurity, IT Security, phishing, Phishing Attack, phishing simulation, Security Awareness, Social Engineering - What is a Phishing Simulation? Many cybersecurity or IT managers look for phishing simulation platforms to analyze the likelihood that their Learn what a phishing simulation is and how it helps organizations measure user behavior and risk. Discover the key aspects of phishing simulations and their importance in cybersecurity.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Do you really know what a phishing simulation is? Are you sure? - SMARTFENSE - Awareness in Cyber Security\" \/>\n<meta property=\"og:description\" content=\"best practices, Cyber Attack Simulation, Cybersecurity, IT Security, phishing, Phishing Attack, phishing simulation, Security Awareness, Social Engineering - What is a Phishing Simulation? Many cybersecurity or IT managers look for phishing simulation platforms to analyze the likelihood that their Learn what a phishing simulation is and how it helps organizations measure user behavior and risk. Discover the key aspects of phishing simulations and their importance in cybersecurity.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/\" \/>\n<meta property=\"og:site_name\" content=\"SMARTFENSE - Awareness in Cyber Security\" \/>\n<meta property=\"article:published_time\" content=\"2021-04-12T06:58:38+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-07-17T15:38:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/smartfense.com\/file\/2024\/05\/simulacion_phishing.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Nicol\u00e1s Bruna\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Nicol\u00e1s Bruna\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\\\/\"},\"author\":{\"name\":\"Nicol\u00e1s Bruna\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/person\\\/5494c12e79213c554fa449135589c24c\"},\"headline\":\"Do you really know what a phishing simulation is? Are you sure?\",\"datePublished\":\"2021-04-12T06:58:38+00:00\",\"dateModified\":\"2024-07-17T15:38:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\\\/\"},\"wordCount\":1157,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/simulacion_phishing.jpg\",\"keywords\":[\"best practices\",\"Cyber Attack Simulation\",\"Cybersecurity\",\"IT Security\",\"phishing\",\"Phishing Attack\",\"phishing simulation\",\"Security Awareness\",\"Social Engineering\"],\"articleSection\":[\"Blog\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\\\/\",\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\\\/\",\"name\":\"Do you really know what a phishing simulation is? Are you sure? - SMARTFENSE - Awareness in Cyber Security\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/simulacion_phishing.jpg\",\"datePublished\":\"2021-04-12T06:58:38+00:00\",\"dateModified\":\"2024-07-17T15:38:48+00:00\",\"description\":\"best practices, Cyber Attack Simulation, Cybersecurity, IT Security, phishing, Phishing Attack, phishing simulation, Security Awareness, Social Engineering - What is a Phishing Simulation? Many cybersecurity or IT managers look for phishing simulation platforms to analyze the likelihood that their Learn what a phishing simulation is and how it helps organizations measure user behavior and risk. Discover the key aspects of phishing simulations and their importance in cybersecurity.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\\\/#primaryimage\",\"url\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/simulacion_phishing.jpg\",\"contentUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/simulacion_phishing.jpg\",\"width\":1200,\"height\":630},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Portada\",\"item\":\"https:\\\/\\\/smartfense.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Do you really know what a phishing simulation is? Are you sure?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/\",\"name\":\"SMARTFENSE - Concienciaci\u00f3n en Ciberseguridad\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/smartfense.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#organization\",\"name\":\"SMARTFENSE\",\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-smartfense-240x40-1.png\",\"contentUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-smartfense-240x40-1.png\",\"width\":241,\"height\":40,\"caption\":\"SMARTFENSE\"},\"image\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/person\\\/5494c12e79213c554fa449135589c24c\",\"name\":\"Nicol\u00e1s Bruna\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b03096bf4c3dd886cfcffd7415eadf6f80d2c8126188409e7d4d1d1b6b911fcb?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b03096bf4c3dd886cfcffd7415eadf6f80d2c8126188409e7d4d1d1b6b911fcb?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b03096bf4c3dd886cfcffd7415eadf6f80d2c8126188409e7d4d1d1b6b911fcb?s=96&d=mm&r=g\",\"caption\":\"Nicol\u00e1s Bruna\"},\"description\":\"Product Manager de SMARTFENSE. Su misi\u00f3n en la empresa es mejorar la plataforma d\u00eda a d\u00eda y evangelizar sobre la importancia de la concientizaci\u00f3n. Ha escrito dos whitepapers y m\u00e1s de 150 art\u00edculos sobre gesti\u00f3n del riesgo de la ingenier\u00eda social, creaci\u00f3n de culturas seguras y cumplimiento de normativas. Tambi\u00e9n es uno de los autores de la Gu\u00eda de Ransomware de OWASP y el Calculador de costos de Ransomware, entre otros recursos gratuitos.\",\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/in\\\/nicolasbruna\\\/\"],\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/author\\\/nicolas\\\/\"}]}<\/script>\n ","yoast_head_json":{"title":"Do you really know what a phishing simulation is? Are you sure? - SMARTFENSE - Awareness in Cyber Security","description":"best practices, Cyber Attack Simulation, Cybersecurity, IT Security, phishing, Phishing Attack, phishing simulation, Security Awareness, Social Engineering - What is a Phishing Simulation? Many cybersecurity or IT managers look for phishing simulation platforms to analyze the likelihood that their Learn what a phishing simulation is and how it helps organizations measure user behavior and risk. Discover the key aspects of phishing simulations and their importance in cybersecurity.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/","og_locale":"en_US","og_type":"article","og_title":"Do you really know what a phishing simulation is? Are you sure? - SMARTFENSE - Awareness in Cyber Security","og_description":"best practices, Cyber Attack Simulation, Cybersecurity, IT Security, phishing, Phishing Attack, phishing simulation, Security Awareness, Social Engineering - What is a Phishing Simulation? Many cybersecurity or IT managers look for phishing simulation platforms to analyze the likelihood that their Learn what a phishing simulation is and how it helps organizations measure user behavior and risk. Discover the key aspects of phishing simulations and their importance in cybersecurity.","og_url":"https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/","og_site_name":"SMARTFENSE - Awareness in Cyber Security","article_published_time":"2021-04-12T06:58:38+00:00","article_modified_time":"2024-07-17T15:38:48+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/smartfense.com\/file\/2024\/05\/simulacion_phishing.jpg","type":"image\/jpeg"}],"author":"Nicol\u00e1s Bruna","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Nicol\u00e1s Bruna","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/#article","isPartOf":{"@id":"https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/"},"author":{"name":"Nicol\u00e1s Bruna","@id":"https:\/\/smartfense.com\/en\/#\/schema\/person\/5494c12e79213c554fa449135589c24c"},"headline":"Do you really know what a phishing simulation is? Are you sure?","datePublished":"2021-04-12T06:58:38+00:00","dateModified":"2024-07-17T15:38:48+00:00","mainEntityOfPage":{"@id":"https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/"},"wordCount":1157,"commentCount":0,"publisher":{"@id":"https:\/\/smartfense.com\/en\/#organization"},"image":{"@id":"https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/#primaryimage"},"thumbnailUrl":"https:\/\/smartfense.com\/file\/2024\/05\/simulacion_phishing.jpg","keywords":["best practices","Cyber Attack Simulation","Cybersecurity","IT Security","phishing","Phishing Attack","phishing simulation","Security Awareness","Social Engineering"],"articleSection":["Blog"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/","url":"https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/","name":"Do you really know what a phishing simulation is? Are you sure? - SMARTFENSE - Awareness in Cyber Security","isPartOf":{"@id":"https:\/\/smartfense.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/#primaryimage"},"image":{"@id":"https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/#primaryimage"},"thumbnailUrl":"https:\/\/smartfense.com\/file\/2024\/05\/simulacion_phishing.jpg","datePublished":"2021-04-12T06:58:38+00:00","dateModified":"2024-07-17T15:38:48+00:00","description":"best practices, Cyber Attack Simulation, Cybersecurity, IT Security, phishing, Phishing Attack, phishing simulation, Security Awareness, Social Engineering - What is a Phishing Simulation? Many cybersecurity or IT managers look for phishing simulation platforms to analyze the likelihood that their Learn what a phishing simulation is and how it helps organizations measure user behavior and risk. Discover the key aspects of phishing simulations and their importance in cybersecurity.","breadcrumb":{"@id":"https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/#primaryimage","url":"https:\/\/smartfense.com\/file\/2024\/05\/simulacion_phishing.jpg","contentUrl":"https:\/\/smartfense.com\/file\/2024\/05\/simulacion_phishing.jpg","width":1200,"height":630},{"@type":"BreadcrumbList","@id":"https:\/\/smartfense.com\/en\/blog\/do-you-really-know-what-a-phishing-simulation-is-are-you-sure\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"https:\/\/smartfense.com\/en\/"},{"@type":"ListItem","position":2,"name":"Do you really know what a phishing simulation is? Are you sure?"}]},{"@type":"WebSite","@id":"https:\/\/smartfense.com\/en\/#website","url":"https:\/\/smartfense.com\/en\/","name":"SMARTFENSE - Concienciaci\u00f3n en Ciberseguridad","description":"","publisher":{"@id":"https:\/\/smartfense.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/smartfense.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/smartfense.com\/en\/#organization","name":"SMARTFENSE","url":"https:\/\/smartfense.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/smartfense.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/smartfense.com\/file\/2023\/08\/logo-smartfense-240x40-1.png","contentUrl":"https:\/\/smartfense.com\/file\/2023\/08\/logo-smartfense-240x40-1.png","width":241,"height":40,"caption":"SMARTFENSE"},"image":{"@id":"https:\/\/smartfense.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/smartfense.com\/en\/#\/schema\/person\/5494c12e79213c554fa449135589c24c","name":"Nicol\u00e1s Bruna","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/b03096bf4c3dd886cfcffd7415eadf6f80d2c8126188409e7d4d1d1b6b911fcb?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/b03096bf4c3dd886cfcffd7415eadf6f80d2c8126188409e7d4d1d1b6b911fcb?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b03096bf4c3dd886cfcffd7415eadf6f80d2c8126188409e7d4d1d1b6b911fcb?s=96&d=mm&r=g","caption":"Nicol\u00e1s Bruna"},"description":"Product Manager de SMARTFENSE. Su misi\u00f3n en la empresa es mejorar la plataforma d\u00eda a d\u00eda y evangelizar sobre la importancia de la concientizaci\u00f3n. Ha escrito dos whitepapers y m\u00e1s de 150 art\u00edculos sobre gesti\u00f3n del riesgo de la ingenier\u00eda social, creaci\u00f3n de culturas seguras y cumplimiento de normativas. Tambi\u00e9n es uno de los autores de la Gu\u00eda de Ransomware de OWASP y el Calculador de costos de Ransomware, entre otros recursos gratuitos.","sameAs":["https:\/\/www.linkedin.com\/in\/nicolasbruna\/"],"url":"https:\/\/smartfense.com\/en\/author\/nicolas\/"}]}},"_links":{"self":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts\/25073","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/comments?post=25073"}],"version-history":[{"count":2,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts\/25073\/revisions"}],"predecessor-version":[{"id":25075,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts\/25073\/revisions\/25075"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/media\/22974"}],"wp:attachment":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/media?parent=25073"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/categories?post=25073"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/tags?post=25073"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}