GUEST ESSAY: 5 anti-phishing training tools that can reduce employees’ susceptibility to scams

The vast majority of cyber attacks against organizations pivot off the weakest security link: employees.  The good news is that companies today have ready access to a wide variety of tools that can simulate common types of attacks and boost employee awareness. Here’s a guide to five such services.


AWS Builder Community Hub

This tool, from Cofense, proactively engages employees via simulated attacks based on real-time threats for various phishing tactics. Wide varieties of scenarios are offered to make the employees more aware of such attacks.

Related: Gamification training gains traction.

PhishMe’s online forum provides a series of scenarios, landing pages, attachments and educational pages. This methodology is distributed over a period of a year giving employees time to understand various phishing strategies.  Employees can account for any suspicious emails, through an easy report feature,


This is a platform for security awareness training and simulated phishing tests focusing on the problem of social-engineering. Its cloud-based service helps its’ clients to schedule automated training campaigns and simulated phishing attacks.

A free test is provided for up-to 100 employees. Organizations select the phishing templates and landing page for simulation. After that users are shown which red-flags they missed, and within 24 hours a PDF is emailed to them showing their phish-prone percentage. The charts are shared with management.


Employees are given comprehensive awareness training using actual attacks and live demonstration examples. Knowbe4 also provides a comparison chart of the organization with others in the industry


This service  offers automated phishing tests and training modules. Focusing on phishing attack-vector, it provides support to help build up best practices at place of work.

A continuous cyclic approach of assessment, education, reinforcement and measurement is used to  evolve a program, that delivers targeted training at the moment of need. Assessing employee’s knowledge and organizations’ susceptibility, Wombat provides a customized simulated attacks and learning elements for those falling prey to attacks.

A report on the trends of phishing attacks and training effectiveness is also provided.


This is an online solution for conducting phishing simulations and making employees more cyber aware. It trains employees against susceptibility to spear-phishing, ransomware and social engineering tactics. With easy accessibility to any device, employees can track their simulations and obtain their training. Management can track employee’s progress with real-time reporting.

A phishing simulation is carried out across the organization for all employees or a targeted group. A result is later generated on company’s portal displaying vulnerability score. Those falling prey to attacks are automatically enrolled in training courses.

Based on your requirements, select a tool and train your employees to become an active line of defense.


Our solution provides real-time simulation against phishing, including vishing and smishing variants, as well as various form of ransomware, and other scams.

It follows a four-step cycle for each attack-vector individually. First, a real-time simulation is launched. An Employee Vulnerability Score(EVS) is calculated depending on employee’s behavior towards that attack.

Based on the  EVS, knowledge imparting session is carried out for every employee. Finally, a second round of simulation is carried which is entirely different from the first one. This is done to compare the before and after behavior of employees towards the simulated attacks.

About the essayist: Rishab Gogoi helps directs business development for Kratikal Tech, a New Dehli, Inida-based supplier of managed security services, risk compliance consulting and cybersecurity training.

*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido. Read the original post at: