I'm looking for recommendations on phishing simulation tools suitable for a small company with just 20 employees. I want a straightforward solution where phishing emails are sent out, and I can easily track who clicks on the malicious link. I'm not interested in features like credential harvesting, malicious attachments, or extensive training materials—just the basics. I've explored Gophish but I'm concerned about the setup complexity and the potential for emails to end up in spam. I've also looked at some commercial options like uSecure and KnowBe4, but I'm wondering if SaaS solutions like these come with pre-crafted emails to ensure they land in inboxes rather than junk folders. What do you suggest as the easiest option?
2 Answers
For a straightforward solution, Bullphish might be a good choice. It integrates easily with Microsoft 365, and while you might need to set some exclusions for emails, it’s user-friendly. Plus, they offer tests and training campaigns as part of their K365 bundle.
CanIPhish has been working well for us. It's affordable, and for 20 employees, it costs about $1.20 per user. Worth checking out!
Sounds good, I will definitely look into CanIPhish!