Phishing Awareness
The purpose of the phishing campaign is a measurement of existing IT behaviour and building knowledge about phishing in your organisation.


Four good reasons to run phishing tests in your organisation
- Get management involved
- Make an impact with your awareness training programme (“Seeing is believing”)
- Tough on measurable KPIs
- Test the emergency readiness
Organisations worldwide are challenged by three-stage phishing attacks
Organisations worldwide are challenged by three-stage phishing attacks that are frequently seen as the cause of security breaches. The three stages of this type of attack are characterised by:
- The sending of a phishing email with a link to a phishing website or attachment infected with malware.
- The hacker establishes a foothold on the computer in question when malware is downloaded via the attachment or phishing website. The username and password are typically stolen via key logging or by the victim being enticed to enter this directly on the phishing website.
- With the username and password, the hacker intensifies the attack by installing additional malware for espionage, ransomware attacks, etc.
Our phishing tests imitate a three-stage attack
Stage 1: Opens the phishing mail
Stage 2: Clicks on the phishing link
Stage 3: Enters the password on the phishing site
In the third stage, there are two types of results:
- A landing page without explanation, where a realistic result is achieved and you are unable to warn colleagues
- A landing page with explanation, for an optimal learning moment, where you can manage to warn colleagues
Dubex reports click rate and data submit rate
Phishing and Targeted phishing
Dubex Phishing tests are available in two varieties:
- Phishing — get a generic comparison of the behaviour in your organization in regard to other organisations and a report with general recommendations. Read more
- Targeted Phishing — experience how many fall into the trap of a tailored attack.
Dubex security consultants perform targeted research and design a phishing test with your organisation in mind, as a hacker would do with a spear phishing attack. Get a report with specific recommendations for your organisation. Read more
Phishing
Start-up: Email
Technical Briefing: Document
Instructions for handling user inquiries: Document
Phishing design: Choose from generic design templates
Max. number of users: 1,000
Max. number of breakdowns/batches of mail sending: 1
Duration: 12 hours
Reporting and recommendations:
- Result for the entire organisation
- Benchmark numbers
- Generic recommendations
- Possibility for follow-up learning: Learning page from selected design template
The following is provided by the customer:
- Language selection (one language)
- IP and domain whitelisting
- Test group (1-5 people)
- User summary (CSV file, see technical brief)
- Date when the test will be carried out
Targeted Phishing (Spear Phishing)
Start-up: On-site or online meeting
Technical Briefing: Document, online meeting
Instructions for handling user inquiries: Document, online meeting
Phishing design: Tailored by Dubex (customer gets two reviews)
Max. number of users: 10,000
Max. number of breakdowns/batches of mail sending: 5
Duration: 24 hours
Reporting and recommendations
- Outcome for the entire organisation and subdivisions
- Benchmark numbers
- Description of targeted research/design (OSINT)
- Tailored recommendations
- Presentation at the customer
- Tailored learning page
Possibility for follow-up learning: Tailored learning page
The following is provided by the customer:
- Language selection (one language)
- IP and domain whitelisting
- Test group (1-5 people)
- User summary (CSV file, see technical brief)
- Date when the test will be carried out
Targeted Phishing (Spear Phishing)
As an initial part of the Dubex Awareness training programme, a phishing campaign is conducted that serves as a measuring point for the existing IT behaviour and knowledge of phishing within the organisation. This zero-point measurement can serve as a reference for an equivalent measurement once the awareness training programme is completed. Furthermore, the campaign serves as a means of communication to employees in the training programme and as an eye-opener for management. Learn more about Dubex Awareness Program.
Get the maximum awareness out of your phishing test
Dubex’s communications products open eyes to the organisation’s behaviour. Use them as part of a larger awareness training programme or as a stand-alone follow-up to your phishing test.
Questions about
Dubex Academy?
Just reach out

Chief Sales & Marketing Officer
rje@dubex.dk
+45 2485 2221

Chief Technology Operations Officer
umu@dubex.dk
+45 2172 0065