OFFphish

Contact us

Our solution

We all master technology. But where we really stand out is in our holistic approach to cybersecurity. Many of our competitors focus on technical tools, but neglect a fundamental aspect: concretely changing user behavior.

Our approach, based on Spaced Repetition, a learning technique which involves revising information at increasing time intervals, is adapted to the user’s maturity level and makes them active in their behavior change.

Step 1: Phishing simulation

We faithfully reproduce the operating methods of attackers and firmly believe that users must be confronted with different scenarios as close as possible to reality

01. One phishing simulation is sent per month and per user. Phishing simulation campaigns are fully automated and run throughout the year, with no manual action required on your part. We are constantly adding new phishing simulations, integrating new scenarios in line with emerging threats, such as recently with QR codes

02. We vary the simulations and sending dates, ensuring that your users are not confronted with the same phishing attempt at the same time or with the same scenario. This mechanism makes it possible to avoid any collusion which would bias the campaign

03. Each scenario that we propose is classified according to its level of complexity, allowing us to adapt the scenario to the current maturity level of each of your users. You can choose to classify users by group, by department or by entity

Training is integrated into phishing campaigns. As soon as an employee is trapped, they trigger a personalized support and training process in 3 steps:

Step 2: Phishing training

We combine the best teaching methods to transform mistakes into opportunities for development. Our training process is entirely in English.

01. On-the-spot training, as soon as they are trapped, taking the email received by the employee and indicating all the elements in it that should have alerted them

02. The following working day, the user who was trapped receives an email giving them additional advice adapted to their level of maturity and giving them access to the elements in the email they received the day before which should have alerted them.

03. One week after being trapped, the employee is invited to participate in a one-minute serious game, placing them at the heart of their own behavioral change process. This interactive game simulates a phishing situation, where the employee is invited to identify and select suspicious elements on their own, thus strengthening their ability to recognize future phishing attempts

Step 3: Dashboard

Obtain both a global vision of the results of phishing simulations and a detailed vision of them, in real time

01. The dashboard includes a graph giving an overview of the number of users who opened an email, clicked on it or submitted data, per month.

02. It also includes monthly indicators. For each month, the administrator will be able to see, in table form, the total number of emails opened, clicks and data submitted, as well as the % of emails opened, clicks and data submitted.

03. Detailed data per employee, including: month, first name, last name, if they opened the email, if they clicked on the email, if they submitted data, date and time of click and the date and time of data submission, the serious game score.

04. The maturity level of the organization, averaging the maturity level of each user. The maturity score ranges from 0 to 100.

05. A table showing which users pose a risk to the organization. This table includes users who have submitted data at least once or clicked on a phishing email at least twice