Phishing Email Security Assessment
Broad-scale and targeted email phishing attacks are among the most likely type of cyber attack that businesses are having to contend with today. Such emails can be sent with little risk, and if successful, could trick users into revealing sensitive information such as login credentials, or potentially even result in the installation of malware. Such emails could be sent in mass to all employees when just one successful exploit is needed to compromise the business’ sensitive data. Alternatively, specific individuals within the business may be targeted with highly bespoke emails, aiming to leverage that particular employee’s privileges.
Pentest People’s Phishing Testing Service simulates both a broad-scale generic email phishing attack or a realistic targeted attack on key employees. The result of this test generates valuable statistics for measuring the effectiveness of business awareness training and procedures.
Listen to one of our Phishing experts
breakdown of this Pentest People Service
Overview of our Email Phishing Security Service Methodology
The Phishing Email Assessment will typically include the following fundamental stages:
Bespoke Fake Portals
Tracked Emails and Responses
Awareness Training

What are the Risks?
Email Phishing attacks are becoming more predominant in every industry. It’s one of the most universal types of cyberattack and can be used to gain easy access to a businesses network.
Businesses have to make employees aware of such phishing attempts, that can be both broad-scale and targeted (most likely on more high ranking employees). The Pentest People Phishing Assessment is the perfect solution for training your team and finding the weaknesses in your employees awareness.

How Can Our Phishing Assessment Service Help?
Pentest People can help alleviate the risks associated with Email Phishing by performing either a broad-scale or targeted phishing scenario.
Pentest People have a professional Phishing Service that can be used to identify flaws that exist within your team in regard to their email phishing awareness. From this phishing test service assessment you can create professional training protocol so your employees never fall victim to such attacks.
The service would be delivered as part of the Pentest People Penetration Testing as a Service (PTaaS) and full access to the SecurePortal and other complementary tools would be provided.
The Phishing Email Assessment
Allows Access to SecurePortal
Digital Report
Until now, the traditional deliverable from a Penetration Test engagement has been a lengthy 100+ page PDF report.
Pentest People have developed a solution to this issue where you interact with your vulnerabilities within the SecurePortal.
Vulnerability Data
Constantly updating Vulnerability Information to stay in touch with the emerging threat landscape.
Receive overview and trend data of all of the current security issues you face in your organisation. All viewable on an interactive dashboard.
Skilled Consultants
Rest assured that your assessments are performed by qualified Security Consultants.
Our specialised team of security consultants hold industry qualifications such as CHECK Team Member & Team Leader, CCIE, CISSP and CEH.
Phishing Service Breakdown Transcript
Pentest People’s team of dedicated social engineers will help to perform phishing engagements against your business. These generally take the form of a mocked up phishing portal, which is designed to mimic either an office 365 portal or a custom portal of your choosing. That is then sent out to all the targets that you provide us. You receive some interesting statistics on who’s opened the email, who’s clicked on the link. We’ve visited the page and of course, who’s actually entered details into that portal. Off the back of this pentest people can provide detailed training on how to prevent these sorts of attacks working against your business.
Key Benefits
Understand the security risks associated with phishing scams through a thorough assessment to highlight training areas to focus on.
- Email Phishing is the most widely used form of cyber attack businesses have to contend with.
- Chose between either a broad-scale generic email phishing attack or a realistic targeted attack on key employees.
- Many organisations require an email phishing scenario as part of employee awareness training. Pentest People are experienced in this form of attack and our consultants use it daily during other Penetration Testing Services.
- The results of the assessment can be used to provide recommendations for awareness training area of focus.
Frequently
Asked Questions About Phishing Email Assessments
What types of phishing Assessments do you offer?
What impact can phishing have on my company?
What is the deliverable from the service?