How to set up Phishing Simulation
Should you choose the SoSafe Default Setup or Custom Setup?
SoSafe Default Setup is a better choice when you don’t need customization. To get started, choose a start date and get the awareness training configurations based on the subscribed package.
Custom Setup is better when you want to customize content selection, start/ end dates, and individual reporting.
Where to configure Phishing Simulation training?
Awareness training requires targeting at least one active user. Before proceeding with the awareness training setup, you must complete Step 1 (Add users).
Learn how to add the first users in the How to Manage Users article.
You can create your first Phishing Simulation training from the following locations:
Dashboard
Go to the Dashboard menu item, Setup Awareness Training section, Custom Setup, and click the button New Phishing Simulation (1).
You can select to Run a 2-week assessment training (2) if you are not sure yet what to choose. It will help to evaluate the user’s phishing awareness.
Options available in the Custom Setup reflect the package purchased:
Phishing Simulation + E-Learning
Phishing Simulation
E-Learning
Go to the Phishing Simulation menu item and click the New Phishing Simulation button to create a Phishing Simulation training.
Create a Phishing Simulation training
Click the New Phishing Simulation button
On the Name and dates page:
Add a Training name
Select the Start date and End date.
Click the checkbox End training on the client’s subscription end date to prefill the training end date automatically. Note that the end date cannot exceed the client’s subscription end date.
Click Next
You can create multiple Phishing Simulation trainings. Choose a training name that you can easily recognize when reviewing the Phishing Analytics results.
On the Select email templates page:
Use anchor links (1) on the left to navigate through year 1, year 2, and year 3 recommendations.
Use Categories (2) to filter the Phishing Simulation templates by category. All categories are shown by default.
Use list/ card view (3) for template display as per your preference.
Click Preview (4) to view the template details.
Select the checkboxes (5) for the templates you want to add to the Phishing Simulation training.
We recommend distributing the simulation templates across multiple years based on each client’s maturity level and previous exposure to phishing simulations. This approach helps ensure sustained user engagement and better long-term knowledge retention.
The platform offers a recommended distribution to help with this process, but ultimately, it's up to you to choose which templates to incorporate into the awareness training.
Click on Training summary (6) to see the summary of templates that will be added to the Phishing Simulation training.
How many templates should you add to a Phishing Simulation?
We recommend sending out between 1 and 2 phishing simulation emails per month. You can check the average cadence in the Training summary.
Click the Next button after you finish the template selection.
On the Reporting setting page:
Training results are set to be Anonymous by default.
Select Individual to track employees' clicks and interactions at the employee level..
Click the Next button to move to the final step.
The reporting setting selection should be based on each client's legal and compliance requirements.
These reporting settings are configured independently for each training and cannot be changed after the training starts.
On the Training summary page, click the Save & launch button to launch the Phishing Simulation training.
Whitelisting is a critical step for Phishing Simulation training that prevents emails from being blocked by spam filters, firewalls, or security settings. If you haven’t configured whitelisting yet, you’ll need to finish it before the Phishing Simulation start date. Learn more in the Partner Platform Whitelisting Guide.