Skip to main content

Phishing Simulation

Updated yesterday

What Is It All About?

Guardz provides a robust Phishing Simulation tool, designed to enhance employee awareness of social engineering threats. Whether you’re an MSP or an IT administrator, the platform allows you to create realistic phishing campaigns using AI-generated emails or pre-built templates, and assign them to targeted users or groups.

Why Run a Phishing Simulation?

Running a phishing simulation before launching an awareness training campaign helps assess employee vulnerability to phishing attacks. The insights gained can then be used to tailor future training, highlight risk areas, and reinforce secure behavior.

Types of Simulations

Guardz offers two main approaches:

1. AI-Generated Campaigns

Leverage generative AI to craft personalized phishing emails based on:

  • Recipient Details: name format, job title, and group

  • Tone and Language: supports multiple languages

  • Industry Context

  • Email Length and Format

The content can be regenerated and fully edited (subject line, sender, and body), and must include the phishing link.

2. Pre-Built Templates

Choose from a library of realistic phishing templates that simulate real-world threats, such as impersonations of services like AWS and Microsoft 365. These templates are:

  • Professionally designed

  • Ready to launch

  • Available for preview

Simulation Assignment Options

Administrators can assign simulations to:

  • All users within a specific customer

  • Specific groups (synced via Microsoft or Google Workspace)

  • Individual users (ideal for testing or targeted training)

Please bear in mind that assignments may occur at both levels: global and per specific customer.


Launching a Phishing Simulation: Step-by-Step

1. Create a Campaign

  • Go to the ‘Awareness’ section and click on ‘Create Phishing Simulation’

  • Ensure that phishing emails sending permissions are enabled (use this article in case it needs to be activated)

2. Choose Your Template & Setup Simulation Content

  • Click on ‘Generate a custom camping’ for AI-generated content

  • Available languages for AI: English (US/UK/AUS), Dutch, French, German, Hebrew, Italian, Spanish, Portuguese

or

  • Select a predefined template (you may select up to 7 different templates for a single campaign)

    • If more than one template is selected, you will be able to set up recurring phishing attempts

    • Languages can be modified using the dropdown list on the left hand side

    • Available languages: Dutch, English, French, German, Hebrew, Spanish, Portuguese

3. Preview Your Content

  • Verify the selected templates are correctly presented

  • Provide your campaign with a name

  • Kindly note that at this point the ‘From Email’ domains are defined

4. Schedule The Simulation & Assign Users

  • Define a start date

  • Select the desired frequency (for example, 1 template every month)

  • Email delivery is scheduled to occur during your local working hours

  • Disable ‘Randomized Delivery’ to deliver all phishing email at once

  • Select individuals, groups, or full organizations (if a full customer is selected, you may enable / disable specific users by amending the list using the ‘Edit’ button on the right)

4. Launch

  • Review all settings

  • Click ‘Assign’ to launch the campaign


Tracking Results

Results become visible within 1 hour after launch.

You can review your launched campaigns from the main view of the 'Awareness' section.

Each sent template will include:

  • Failed Rate – % of users who opened the email

  • Pending Rate – It appears as long as the specific campaign has not yet finished. It lists all users who have not opened the email at the time the report is generated

  • Passed Rate - once the specific single campaign is ended the passed rate appears (detailing how many users eventually passed the simulation)

Each recipient receives a status:

  • Pending – sent/opened, no click

  • Passed – opened but didn’t click

  • Failed – link clicked (failed simulation)

Clickers are shown a landing page indicating the email was a phishing simulation.

You can export results to CSV or print the report.


Campaign Edits & Stop Behavior

Please note that editing campaign function is available for future scheduled campaigns only.

  • Adding new users mid-campaign will schedule delivery within the remaining window

  • Stopping a campaign (available only for active and running simulations):

    • Cancels all pending deliveries

    • Displays users who didn’t receive emails

    • Shows the % of undelivered simulations

  • You may also delete a campaign regardless of its running status (deleting the campaign will stop all email deliveries)


Awareness Issues & Remediation

The issues will be raised for the Phishing simulation once the simulation has been completed or stopped.

Did this answer your question?