Initial Baseline Email to Determine Your Phish-Prone Percentage
The answer to this question can vary on a case by case basis. However, as a general best practice, we recommend using a template which is generic and can apply to each individual in your organization. We also recommend that you send the same template to all users all at once for your baseline test.
Depending on the type of setup your organization has or any particular vulnerability that has been exposed in the past, you may wish to make your own custom email. You can also choose one of the many templates included in the System Templates area. For some generic templates that might be the right choice for you, check out our Baseline Templates category under System Templates.
We do have advice on a basic template that will work as a general catch-all for most organizations and that is the simple “Change of Password Required Immediately” email. You can find it in System Templates under the IT category.
It looks like this:
Subject: Change of Password Required Immediately
We suspect a security breach happened earlier this week. In order to prevent further damage, we need everyone to change their password immediately.
Please click here to do that:
Please do this right away. Thanks!