Smishing Simulator

The Smishing Simulator allows you to create realistic simulated smishing SMS messages sent to employees to assess their ability to recognize suspicious SMS messages and their response to attacks that could compromise organizational data and systems. The product provides the capability to customize and target a smishing campaign suited to your organization and to evaluate the results.

Shortcuts

• How to create smishing scenarios

• How to launch a smishing campaign

• How to view campaign reports

FAQ

Q: How Is the Difficulty Level Determined?

A: The difficulty level of text message templates and landing pages is determined based on several factors, including but not limited to:

• Sophistication of Phishing Techniques: The use of advanced spoofing methods, such as display name spoofing, domain similarity, and the inclusion of personalized information, can make a phishing attempt more difficult to recognize.

• Quality of the Content: The presence of grammatical errors, unusual requests, or other indicators typically associated with phishing can vary. Templates with fewer errors and more realistic scenarios are considered more difficult.

• Design and Presentation: For landing pages, the visual design and how closely it mimics legitimate websites play a crucial role. High-quality designs that closely resemble real sites increase the difficulty level.

• Context and Relevance: Attempts that leverage current events, believable scenarios, or target specific job roles can be harder to identify as phishing, especially if they align closely with the recipient's expectations or experiences.

Criteria for Difficulty Levels

• Easy: These attempts may contain obvious signs of phishing, such as poor spelling and grammar, generic greetings, or implausible requests. They are typically easier for users to identify with basic awareness training.

• Medium: These attempts are smarter, with less clear mistakes and stories that seem more real. They may use email addresses and websites that look authentic, but there are still some errors you can spot if you look closely.

• Hard: These are highly sophisticated attempts that closely mimic legitimate emails and websites, often using personalized information and current events to create convincing scenarios. Recognizing these requires advanced awareness of identity sms phishing tactics.