IT Support &
Business Software

Would your employees fall for a phishing attack? A phishing simulation case study


Are your employees the weakest link in your security strategy?email phishing simulation

Phishing emails are responsible for 94% of ransomware. Attacks on businesses have grown rapidly in recent years, resulting in costs of over $9 billion to businesses in 2018.

Whilst email security services protect your systems by scanning and blocking malicious emails, they cannot prevent all emails from getting through. As phishing attacks become increasingly sophisticated and more difficult to detect, they pose a serious threat to your business. Hence having employees that are aware of how to deal with cyber threats is paramount.

Would your employees fall for a phishing scam?

Your employees are your best form of defence when it comes to cyber security. This is where a phishing simulation can help. These simulations are designed to test and educate your employees to avoid them falling for a phishing scam.

A real-life Phishing Simulation case study

PCR recently helped one of our clients to implement a phishing simulation rolled out across the business to its 70 employees. Working alongside the MD, PCR helped to test all employees and raise awareness of cyber threats.

Firstly we created a series of emails that resembled socially engineered phishing attacks. These appeared from valid email addresses which had been tweaked slightly. Emails were sent to all employees at random times asking them to click on links. In a real attack, these emails would have compromised the security of the business. Business leaders received monthly reports recording the employees who had opened and clicked on the emails.

Subsequently, a cyber security training programme was established. All employees were encouraged to view an initial training video. After that, employees who repeatedly clicked on links were asked to watch a series of videos that increased in length from 15 to 25 to 35 minutes. Interestingly, the worst offenders were on mobile devices, showing that even more vigilance is required whilst on the move.

Random testing continued over a 12-month period to monitor changes in awareness and working practices. The entire process was easy to administer and proved invaluable in promoting good-practice across the team.

Can a Phishing Simulation help your business?

PCR has partnered with Trend Micro to help businesses manage their IT security more effectively.

Phishing simulations have been shown to improve employee awareness by 25%. Phish Insight, a Trend Micro service, enables you to test and educate your employees on how to spot phishing attacks for free. By combining a phishing simulation with phishing awareness training, you can deliver a holistic approach to help your employees be more resilient to cyber threats.

To find out more about phishing simulations or discuss your IT security in general, contact PCR today.


Josie Sullivan Leroy Reid & Co

Very helpful in supplying the system required with very little down time. Personable and professional in guiding us along the right path. Nothing is too much for them.

David Halloway Southern Testing

Support with a sense of fun!

Carmel Clarke Kingswood Controls

Professional and extremely helpful. PCR will go above and beyond to resolve any IT problems that you may have.

Max Somper Metamark

PCR are very much on the same page as ourselves. They're very flexible, pragmatic about response, efficient, and they've always been the best choice for us as a business.

Keith Faulkner Brainwaves Books

Over the years, I've seen PCR grow and develop, but their attitude and customer service has never altered. The quality of their service remains constant.

Alex Arscott Richard Russell Panels

A good honest company we've dealt with since the year dot.

Contact us now