My Baseline Test Is Finished. What Do I Tell My Users Now?
We often receive the question of what you should communicate to your users after your baseline phishing test is completed. Your users may be asking you questions about the email they received or they may even be totally unaware a simulated phishing test took place at all. The below message will be a starting point for you to explain what the test was, communicate the results (if desired), and introduce the need for and the importance of Security Awareness Training.
Below is an example of what the message to your users can look like. You can customize it however you wish. For example, you can decide if you want to share your phish-prone percentage with your users to show the company's vulnerability to a phishing attack or if you'd rather keep that information private. You can decide if you'd like to warn your users that more phishing tests are on the way, or keep them unaware.