Go Back Up

SPEAR SHIELD LTD TRUSTED CYBERSECURITY PARTNER IPSWICH, SUFFOLK HQ

UNDERSTAND HUMAN RISK WITH A FREE MANAGED PHISHING CAMPAIGN



"GAIN INSIGHT INTO RISK AND USERS SECURITY BEHAVIOURS"

Josh - Black and White Headshot with Yellow Outline"Phishing is the most effective attack vector for cybercriminals, yet too many businesses rely on off-the-shelf phishing templates that don’t reflect real-world threats. At Spear Shield, we take a spear phishing approach, crafting highly targeted simulations that mimic the tactics we see attackers using in the wild.

This free managed phishing campaign isn’t just about seeing who clicks - it’s about understanding user behaviours, identifying real risks, and providing actionable insights that you can articulate back to your business. With full reporting and behavioural analysis, you’ll gain a clear picture of your organisation’s resilience to phishing attacks.

And there’s no catch (to pardon the pun!) - this is simply a chance to experience working with us first-hand and see the true value of having Spear Shield as a cybersecurity partner." Josh Broadbent, CTO, Spear Shield

Copy of SSS ITFC Nov 2024 Promo (22)

HUMAN RISK LANSCAPE

WHY RUN A FREE MANAGED PHISHING CAMPAIGN?

  • Slipping through the net
    In 2024, there was a 52.2% increase in the number of attacks that got through Secure Email Gateway (SEG) detection and a 50.9% increase in attacks bypassing Microsoft’s native defences.
  • It started with a Phish...
    61% of the root cause of ransomware attacks responded to in 2024 was introduced to an organisation through ‘human-activated risk’. Compromised credentials, malicious emails, phishing, downloads and more.

  • Less than 60 seconds
    The Median time to click on a malicious link after the email is opened is     21 seconds and then only another 28 seconds for the person caught in the phishing scheme to enter their data. The median time for users to fall for phishing emails is less than 60 seconds.

MANAGED PHISHING OVERVIEW

WHAT'S INCLUDED IN YOUR FREE MANAGED PHISHING CAMPAIGN?

  • Spear Phish Campaign Templates
    Campaigns based on real-world phish that we see in the wild
  • Full- Exec Ready Reporting incl User Behaviour Analysis
    includes Click-Rate %, Credential Harvest %, Industry Benchmarking, Device Type Breakdown, User Behaviour Analysis, Consultative Recommendations, and more.
  • Spear Phish Campaign Templates
    Campaigns based on real-world phish that we see in the wild
Copy of SSS ITFC Nov 2024 Promo (23)

"I have been working with Spear Shield for the past 2 years understanding human risk through their phishing simulation service and I can say the service has been thoroughly professional and second to none which has culminated in a tangible reduction in insider threat risk. I also congratulate Spear Shield for their passion and work elevating the importance of cyber security in our local and national business communities." 
Kevin W. Head of Cyber and I.T. Security

DELIVERED AS A FULLY MANAGED SERVICE

HOW IT WORKS

  • Step 1. Scoping call to discuss Campaign Ideas together
  • Step 2. Send a CSV with User Details on
  • Step 3. Whitelisting and Testing Delivery
  • Step 4. Agree Campaign schedule
  • Step 5. Present Results Together 

OUR MISSION

What to expect on the call

Want to learn more about our Free Managed Phishing Campaign and how it can help uncover human risk in your organisation? Book a session with our CEO, Max Harper, to walk through the details, what’s included, and how we tailor the simulation to mimic real-world attacks.

We’ll cover:
  • How the free campaign works – A spear phishing simulation tailored to your business.
  • What you’ll get – Full reporting, behavioural insights, and actionable recommendations.
  • Next steps – How to use the results to enhance your security awareness strategy.

And if he’s not too busy phishing our customers, we’ll loop in our CTO, Josh, to share his expertise too! 

RECENTLY SHARED

THE SPEAR BLOG

View the Blog

6 min read

Survival of the Phishest

{% module_block module "widget_76756cca-b1e2-452d-8055-6451cddff630" %}{% module_attribute "child_css" is_json="true" %}{}{% end_module_attribute %}{% module_attribute "css" is_json="true" %}{}{% end_module_attribute %}{% module_attribute "definition_id" is_json="true" %}null{% end_module_attribute %}{% module_attribute "eyebrow" is_json="true" %}[]{% end_module_attribute %}{% module_attribute "field_types" is_json="true" %}{"styles":"group","heading":"text","subheading":"text","heading_level":"choice","eyebrow":"text","text":"richtext","cta":"group","add_cta":"boolean","section_id":"text"}{% end_module_attribute %}{% module_attribute "heading" is_json="true" %}""{% end_module_attribute %}{% module_attribute "label" is_json="true" %}null{% end_module_attribute %}{% module_attribute "module_id" is_json="true" %}114468600782{% end_module_attribute %}{% module_attribute "path" is_json="true" %}"@marketplace/Lynton/Brightlane/pages/modules/Theme Rich Text"{% end_module_attribute %}{% module_attribute "schema_version" is_json="true" %}2{% end_module_attribute %}{% module_attribute "smart_objects" is_json="true" %}[]{% end_module_attribute %}{% module_attribute "smart_type" is_json="true" %}"NOT_SMART"{% end_module_attribute %}{% module_attribute "tag" is_json="true" %}"module"{% end_module_attribute %}{% module_attribute "text" is_json="true" %}"

Why Email Attacks Are Getting Smarter - and How to Stay Ahead

\n

In the ever-evolving world of cyber threats, email remains the front door to your business.

\n

4 min read

Why MDR is no longer a luxury - it's the backbone of modern cyber resilience

{% module_block module "widget_76756cca-b1e2-452d-8055-6451cddff630" %}{% module_attribute "child_css" is_json="true" %}{% raw %}{}{% end_module_attribute %}{% module_attribute "css" is_json="true" %}{}{% end_module_attribute %}{% module_attribute "definition_id" is_json="true" %}null{% end_module_attribute %}{% module_attribute "eyebrow" is_json="true" %}[]{% end_module_attribute %}{% module_attribute "field_types" is_json="true" %}{"styles":"group","heading":"text","subheading":"text","heading_level":"choice","eyebrow":"text","text":"richtext","cta":"group","add_cta":"boolean","section_id":"text"}{% end_module_attribute %}{% module_attribute "heading" is_json="true" %}""{% end_module_attribute %}{% module_attribute "label" is_json="true" %}null{% end_module_attribute %}{% module_attribute "module_id" is_json="true" %}114468600782{% end_module_attribute %}{% module_attribute "path" is_json="true" %}"@marketplace/Lynton/Brightlane/pages/modules/Theme Rich Text"{% end_module_attribute %}{% module_attribute "schema_version" is_json="true" %}2{% end_module_attribute %}{% module_attribute "smart_objects" is_json="true" %}[]{% end_module_attribute %}{% module_attribute "smart_type" is_json="true" %}"NOT_SMART"{% end_module_attribute %}{% module_attribute "tag" is_json="true" %}"module"{% end_module_attribute %}{% module_attribute "text" is_json="true" %}{% raw %}"

Cyberattacks aren't slowing down. But traditional security operations can't keep up.

\n

The gap between attack speed and detection speed is widening. While businesses scramble to add more tools and plug more gaps, many still struggle with alert fatigue, skills shortages, and slow response times. Sound familiar?

\n

Ready to take a human centric approach and level-up security in your organisation together?

CONTACT TODAY

YOU MAY NEED TO KNOW

Frequently Asked Questions

Can’t we just run phishing simulations ourselves?

You could — but the difference is in the delivery. We remove all the guesswork, vet every click to exclude false positives like scanners and bots, and present the results clearly. No manual data cleaning, no missed insights — just real human behaviour, accurately measured.

 

We already have a phishing platform — why use this service?

Having a platform is one thing. Using it effectively is another. You’d still need to scope clients, pick relevant templates, manage whitelisting, and build reports. With Spear Shield, you get expert-curated campaigns built around what’s actually bypassing email defences — all fully managed, and branded to you.

How much time does this take to manage?

Very little. You simply pick a campaign, fill out a form, and we handle everything else — including whitelisting guidance, delivery, tracking, and reporting. It’s designed to scale without adding to your workload.

Will users get annoyed by these tests?

Not at all. Our simulations are designed to mimic real threats without disruption. If a user clicks, they’re taken to a branded training page — no lectures, no public call-outs. Just clear, constructive feedback in the moment that matters most.

What if a customer wants a custom phishing template?

We include a wide range of relevant, real-world templates as standard. However, if your customer wants something bespoke — such as a scenario tailored to a specific brand, process, or department — we can build a custom Spear Phish Pack for a one-off fee of £100.

Will the reporting be branded to us?

Yes — every touchpoint is white-labelled, including reports and training pages. Your logo, your presence, our delivery.