What is a Phishing Test and How Does it Work?

What is a Phishing Security Test (PST) and How Does it Work?

A Phishing Security Test is a tool provided by KnowBe4, which can determine the vulnerability level of your network by giving you an indication of how many people may be susceptible to an email-born social engineering attack.

It can also be used to supplement and reinforce training received in the KnowBe4 training modules by giving your users real world “practice” in recognizing social engineering attacks and responding to them appropriately.

It works like this: The PST sends one email to each user in your organization. In our initial, free phishing security test, the email sent is a link test, which involves some text meant to lure the user into clicking an embedded link. Once the link is clicked, the user is directed to a Landing Page. Our Basic Landing Page tells the user they have been part of a simulated phishing test and gives them some rules to apply when inspecting emails in their inbox.

The results of the test include the number of users who failed the test divided by the number of users to whom the test was delivered. This gives you a Phish-Prone Percentage – the percentage of your users who “failed” the PST.

If you're a current KnowBe4 customer, you probably already have access to this great tool and can explore our product manual and documentation for best practices on how to utilize it. If you're not a current customer, but are interested in a free phishing test for up to 100 users, check out our website at https://www.knowbe4.com/ to sign up.