A Review of the Phishing Net in 2024

Email Security | 21 January 2025 | Max Harper | 7 min read

The team at Spear Shield has reeled in the phishing net and analysed the data from over 40,000 phishing emails sent to users last year through our Managed Phishing Simulation Service. This blog post shares valuable insights and practical guidance for conducting a successful phishing simulation and user awareness campaign.

Key Insights from 2024

  • 21.5% average click rate without Egress (KnowBe4) Defend
  • 12.9% average credential harvest rate without Egress (KnowBe4) Defend
  • 10.3% average click rate with Egress (KnowBe4) Defend

These findings emphasise the critical role of technology and education in mitigating phishing risks.

CTO's Thoughts: Evolving Threats and Smarter Defences

"I'm incredibly proud of the positive impact we've continued to deliver for our customers in 2024 through our Managed Phishing Service. This year, we've focused on adapting to increasingly sophisticated threats, such as AI-driven phishing campaigns and QR code-based attacks, while remaining dedicated to highlighting and mitigating risks across the diverse organisations we support.

Our extensive phishing data has given us unique insights into what truly works to reduce risk. Three key areas stand out:

  1. Tailored Phishing Training – Real-time training redirects and follow-up content empower users to recognise and respond to threats.
  2. Enhanced Email Security – An integrated cloud email security layer to detect and train users about phishing attacks in real-time.
  3. Advanced Web Security – Reliable protection that detects phishing pages, even when malware isn't present. Too often have we seen phishing web pages go undetected by traditional web proxies."

~ Josh Broadbent, CTO at Spear Shield Ltd

Why Phishing Simulations Are Essential

Phishing simulations are vital for increasing cybersecurity awareness and empowering employees to recognise and act against phishing threats. Hackers exploit human trust and curiosity—making phishing one of the most popular attack vectors. Even the most advanced technical measures can be bypassed by well-crafted phishing attacks.

Managed Phishing: An Overview
Spear Shield’s Managed Phishing Service offers organisations a clear understanding of their human-activated risk through:

  • Customisable Simulations: Choose from payloads like links, QR codes, or attachments.
  • Realistic Scenarios: Redirect users to training content, legitimate-looking pages, or credential harvesting sites.
  • Threat-Driven Design: Leverage email threat intelligence for the most relevant simulations.

Why Regular Simulations Matter:

  • Keep employees vigilant against evolving threats.
  • Identify repeat offenders and target them with extra training.
  • Streamline the reporting culture and processes.

Our Methodology

Steps for Successful Campaigns:

  1. Choose the payload (link, attachment, or QR code).
  2. Design templates and landing pages (e.g., credential harvesting, training redirects).
  3. Whitelist IP addresses and domains.
  4. Test deliverability and tracking.
  5. Schedule emails (drip-feed or ‘big bang’).
  6. Capture results after a set period.
  7. Present findings with actionable recommendations.
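As an added example, not part of the original post or of Spear Shield's own tooling, the Python below turns the raw tracking events captured in steps 4 and 6 into the figures a campaign report presents: click rate, credential harvest rate and report rate per campaign, delivery gaps against the target list, and the repeat clickers who should receive extra training. The campaign names, user names and event log are constructed.

```python
from collections import defaultdict

# Constructed sample tracking events from two simulation campaigns (not real data).
# Each record: (campaign, user, event); events are delivered, clicked, submitted, reported.
EVENTS = [
    ("2024-Q1-onedrive", "alice", "delivered"), ("2024-Q1-onedrive", "alice", "clicked"),
    ("2024-Q1-onedrive", "alice", "submitted"),
    ("2024-Q1-onedrive", "bob", "delivered"), ("2024-Q1-onedrive", "bob", "reported"),
    ("2024-Q1-onedrive", "carol", "delivered"), ("2024-Q1-onedrive", "carol", "clicked"),
    ("2024-Q1-onedrive", "dave", "delivered"),
    ("2024-Q2-qrcode", "alice", "delivered"), ("2024-Q2-qrcode", "alice", "clicked"),
    ("2024-Q2-qrcode", "bob", "delivered"), ("2024-Q2-qrcode", "bob", "reported"),
    ("2024-Q2-qrcode", "carol", "delivered"), ("2024-Q2-qrcode", "carol", "reported"),
    ("2024-Q2-qrcode", "dave", "delivered"), ("2024-Q2-qrcode", "dave", "clicked"),
    ("2024-Q2-qrcode", "dave", "submitted"),
]
# Constructed target list; "erin" never received the Q1 email (a deliverability gap).
TARGETS = {"alice", "bob", "carol", "dave", "erin"}


def campaign_metrics(events):
    """Per campaign: click, credential harvest and report rates in percent (1 dp).
    Rates are over delivered recipients; a user counts once per event type."""
    per = defaultdict(lambda: defaultdict(set))
    for campaign, user, event in events:
        per[campaign][event].add(user)
    out = {}
    for campaign, ev in per.items():
        n = len(ev["delivered"])
        pct = lambda users: round(100.0 * len(users) / n, 1) if n else 0.0
        out[campaign] = {"delivered": n, "click_rate": pct(ev["clicked"]),
                         "harvest_rate": pct(ev["submitted"]), "report_rate": pct(ev["reported"])}
    return out


def delivery_gaps(campaign, targets, events):
    """Targets with no 'delivered' event for the campaign (step 4: check deliverability)."""
    delivered = {u for c, u, e in events if c == campaign and e == "delivered"}
    return set(targets) - delivered


def repeat_offenders(events, min_campaigns=2):
    """Users who clicked in at least min_campaigns distinct campaigns."""
    clicked = defaultdict(set)
    for campaign, user, event in events:
        if event == "clicked":
            clicked[user].add(campaign)
    return sorted(u for u, c in clicked.items() if len(c) >= min_campaigns)


if __name__ == "__main__":
    for name, m in campaign_metrics(EVENTS).items():
        print(name, m)
    print("undelivered:", delivery_gaps("2024-Q1-onedrive", TARGETS, EVENTS))
    print("repeat clickers:", repeat_offenders(EVENTS))
```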

Types of Simulations

Baseline Simulations: Generic templates, such as Microsoft OneDrive file shares, establish an organisation’s cybersecurity awareness baseline.

Credential Harvesting: Evaluate susceptibility by simulating fake login pages for commonly used systems. Hackers often “log in” rather than “break in.”

Attachment-Based Simulations: Simulate attacks involving malicious documents containing links to credential harvesting pages.

Spear Phishing: Highly targeted simulations mimicking trusted sources. These attacks typically yield higher click rates due to their authenticity.

2024 Averages: Customers Without vs. With Egress Defend

  • Overall click rate: 21.5% without Egress Defend, 10.3% with Egress Defend
  • Credential harvest rate: 12.9% without Egress Defend, 5.8% with Egress Defend

Customer Success Stories

  • Private Healthcare (300 users): click rate reduced from 75% to 1.6%
  • Recruitment (500 users): click rate reduced from 24.7% to 7.7%
  • Construction (100 users): click rate reduced from 40.7% to 0%
  • Financial Services (150 users): click rate reduced from 82.5% to 1.3%
  • Hospitality (4,500 users): click rate reduced from 35.1% to 3.8%
  • Pharmaceutical (2,000 users): click rate reduced from 16.3% to 0.5%

Do’s and Don’ts for Successful Campaigns

Do:

  • Tailor simulations to real-world threats.
  • Use diverse payloads and themes to identify vulnerabilities.
  • Provide feedback and recognise users who excel.

Don’t:

  • Make campaigns predictable.
  • Penalise users for mistakes.
  • Use overly sensitive content that could upset employees.

Emerging Threats in 2025

  1. Geo-Targeted QR Code Phishing: Scams customised to location or language for increased credibility.
  2. AI-Powered Phishing: AI generates highly convincing emails, voice clips, and videos.
  3. MFA Fatigue Attacks: Overwhelming users with repeated authentication requests to gain access.

How Spear Shield Can Help

  • Managed Phishing Simulation Service
  • Spear Shield Cyber Academy
  • Real-Time Awareness Training
  • Threat Intelligence as a Service
  • Advanced Web Security

Free Email Security Assessment

Over two weeks, gain insights into:

  • Dangerous emails bypassing defences.
  • User susceptibility to phishing.
  • Effectiveness of real-time teachable moments.

Setup is simple, requiring just three short remote sessions.

Speak with the team at Spear Shield to learn more.

Max Harper

As CEO and Co-Founder, Max is dedicated to Spear Shield’s mission of creating one of the most cyber-secure client communities across Suffolk, East Anglia, and the UK. By working closely with business leaders and IT teams, Max’s approach is to understand core business drivers, challenge conventional approaches to cybersecurity strategy, and enable customers to articulate risk and exceed their cybersecurity needs.

Ready to identify, continuously monitor, and mitigate human risk in your organisation?