How to Communicate About Starting a Phishing Simulation Program

Nov 7

Transparency is an important element for any cybersecurity awareness program. It’s good practice to notify everyone at your organization that you will be running phishing simulations, and to communicate that these tests are to promote education and resilience against real world attacks. This creates an environment of trust, rather than one that focuses on negative results around “testing.”

Below we’ve provided some sample language you can use to communicate about your new phishing program using ePHISHiency:

Team,

To further enhance the cybersecurity of [ORGANIZATION NAME], we want to highlight a common cyber attack that everyone should be aware of – phishing emails.

Phishing remains the most common type of cyber attack targeting organizations like ours. Although we employ technologies to help mitigate the risks posed by phishing, we believe that a well prepared and educated team is the greatest defense against these types of threats. To achieve this goal, we will be conducting phishing email simulations within [ORGANIZATION NAME]. The goal of these simulations is to promote awareness across our employees on how to identify potential phishing emails and the best response actions to take if one is identified.

What You Can Do

To avoid potential phishing attacks, please observe the following best practices:

Do not click on links or open attachments from senders that you do not recognize. Be especially wary of compressed or executable file types like .zip or .exe.
Do not provide sensitive personal information (like usernames and passwords) over email.
Watch for email senders that use suspicious or misleading domain names.
Inspect URLs (i.e. www.amazon.com) carefully to make sure they’re legitimate.
Do not open files or documents you did not explicitly request or are otherwise expecting.

If you have trouble determining if an email is legitimate or not, please [INSERT ORGANIZATION PROTOCOL].

Thank you for helping to keep our organization and our people safe from cyber threats. We all have a role to play in helping to keep [COMPANY NAME] secure.

[SENDER NAME]

Having trouble?

Contact Support

How to Communicate About Starting a Phishing Simulation Program

Having trouble?

More KB Articles

New to cybersecurity?

About Hive Systems

Popular Links

Subscribe.

Connect with Us

Cyber Learning.

Resource Center

Learn from Experts

Cyber Services.

By Need

By Risk

By Industry

By Role

Cyber Products.

Derive

Audora

QryptoCyber

Managed Security
Service Provider (MSSP).

Pen Testing

Phishing Simulations

Cybersecurity Maturity Model Certification (CMMC).

Readiness & Implementation

Not Sure?

C3PAO Assessment

Follow Us

Company.

About Us

Our Impact

Work with Us

News

How to Communicate About Starting a Phishing Simulation Program

Having trouble?

More KB Articles

Managing Your Organization When it Comes to a Phishing Simulation Program

Allow Listing by IP Address in Google Workspace

New to cybersecurity?

About Hive Systems

Popular Links

Subscribe.

Connect with Us

Cyber Learning.

Resource Center

Learn from Experts

Cyber Services.

By Need

By Risk

By Industry

By Role

Cyber Products.

Managed SecurityService Provider (MSSP).

Cybersecurity Maturity Model Certification (CMMC).

Follow Us

Company.

About Us

Our Impact

Work with Us

News

Managed Security
Service Provider (MSSP).