Run a phishing simulation now and increase security awareness

Give your employees the opportunity to train how to deal with dangerous emails. One-time or ongoing - but always without danger.

Leading organizations rely on our expertise

You too can benefit from our modern approaches to business and research

Security Awareness Training made in Germany. In coordination & with a lot of creativity.

Email is the attack vector for criminals. Phishing emails and malicious attachments are a threat to all industries and organizations.

Recognition and handling can be trained with modern technology. An infection with an encryption Trojan can be prevented and the outflow of sensitive data can be counteracted.

A phishing simulation helps you to determine the security awareness level in your organization. But it is also possible to measure the effectiveness of training courses, lighthouse events or other measures.

Ask now for your non-binding offer, so that we can soon start with the measurement at your site as well.

Unique simulation

from 1,25 EUR / e-mail

Capture click and open rates once

Recommendations for action based on results

Customizable in the degree of difficulty of recognition

Adaptable to your organization

Meaningful report

ISO 27001 certified data storage

Recurring simulation

from 0,25 EUR / e-mail

Regularly record click and open rates

Recommendations for action based on the results

2 – 12 simulated phishing emails / year

The level of difficulty for recognition is increased

Adaptable to your organization

Individual, recurring reports with defined delivery cycles

ISO 27001 certified data storage



After you have contacted us to carry out a professional phishing simulation, you will receive a quotation, project plan and other general conditions from us.

Submit your request now via our configurator to perform phishing simulations.



The offer is signed, the phishing simulation can be started soon. The team is assembled, phishing emails are designed and landing pages are tested.

They release our static IP address and also white list our individual email header.



Timing, email and landing page is aligned. You transmit the necessary data. The recipient circle is determined.

Seconds pass until all targets have been reached. However, e-mails can also be sent at different times.



We compile the report and make individual recommendations for action based on the figures.

After the phishing simulation is before the phishing simulation. When are you due for a rerun?

Chris Wojzechowski
Managing Partner

IT security creates trust.
Contact us now!

Tel. 0209 8830 6761

Our employees are certified by the following organizations

FAQ – Frequently asked questions

What data is needed to run a phishing simulation?

If you are planning a phishing simulation, we need at least the email address of the recipients. We also recommend that you specify the department, team or location of the persons. A complete data record also contains the first and last name of the person. Often this information can already be inferred from the e-mail. If you cannot specify a group for assignment (team, department, location or similar), numbers are only possible to communicate for the entire data set.

Does the report include detailed information on open and click-through rates for individual emails?

No, the results shown in the report always refer to groups larger than 9 emails. Detailed reporting of individual e-mails is only possible in close consultation and agreement with the works council and the person responsible for data protection.

How meaningful are the recorded numbers of a phishing simulation?

Measuring security awareness is a challenge. The recorded figures in the context of a phishing simulation are a tried and tested approach to measure the (mis)success of campaigns. Phishing simulations become more meaningful when they are performed more frequently.

Why do I need to whitelist the IP address of the email server?

The aim of the phishing simulation is to give the employees the opportunity to train how to deal with potentially dangerous e-mails. Even if you have already taken technical precautions (security gateway, virus scanner, firewall), it can still happen that criminals get through and deliver the e-mails.

In the context of a phishing simulation, the focus is not on checking the technical functionality, but on the ability of your employees to detect malicious e-mails. For this reason, we recommend whitelisting the IP address.

Why is a customized e-mail header used in addition to the IP address?

Rarely is it possible to identify a malicious email based on a single characteristic. Depending on how many phishing defense mechanisms you have in place, using a customized email header can ensure that the majority of simulated phishing emails are delivered.

The e-mail header is created individually for you and is recorded in the contract documents. We recommend removing the whitelisting after the campaign has been run.

When does a one-time phishing simulation make sense?

Within the scope of an aspired ISO 27001 (re-)certification, figures regarding the security awareness level have to be recorded. The implementation of a phishing simulation is a well-established tool. Once a year you should do such training.

When does it make sense to run a regular phishing simulation?

There are many reasons to run a phishing simulation on a regular basis. Especially if you have an exceptionally high number of incidents related to phishing and/or triggered malware via email. But also particularly high click and opening rates of the first phishing simulation suggest a regular execution.

Our memberships

We achieve more as a community. For this reason, we are members of and involved in selected associations.