1. How long does it take to set up?

    If Trace is performing a remote social engineering engagement for you, then there's virtually no software setup. If you're using our software to conduct your own phishing campaigns, setup is quick and easy and only requires a few minutes to begin phishing tests.

  2. What's the difference between getting the program and doing the phishing internally and having Trace manage our phishing efforts?

    If you run phishing internally, you'll need to set up the distribution groups, choose the email(s) that each will receive, and schedule their delivery each time you want to run a test. With Trace managing, you don't need to worry about making sure to set these up and run them periodically - you'll just get the results and report.

  3. How do I add people to the program for phishing distribution?

    This is done automatically if you're using AD/LDAP sync, can be done by uploading a CSV or manually creating a user.

  4. Will Trace phish my employees continuously or only on set intervals?

    Depends on scope of the engagement - typically done in quarterly intervals but the emails are not all sent at once.

  5. Can I set phishing e-mails to go out on a schedule? Can I add e-mail variations to that schedule over time or do I need to create a new distribution?

    Yes, phishing e-mails can be delivered on a schedule. Additional e-mail addresses can be added to the schedule over time so that new users are included in active distributions.

  6. If an employee fails a phishing attempt, what happens?

    Employees who fail phishing attempts are logged as such in our system and the details of the failure are reported to you. The details will include whether or not the phishing email was opened, whether or not the user clicked on the malicious link(s) included in the email, and exactly when the user failed the test (date and time). Additionally, there is an option to display a configurable web page with a message to notify the users of their failure with tips to improve security awareness.

  7. What kind of reporting will I get and how often?

    If Trace performs phishing as part of the service, a detailed quarterly report outlining the results will be provided in PDF format. There is also a reporting module that allows users to generate reports with detailed data in both PDF and CSV formats

  8. How often is the phishing platform updated? How often can I expect new phishing templates?

    While there is no defined schedule for releasing new phishing templates, our team is continually searching for innovative methods for conducting phishing tests and will periodically release new templates. Additionally, our software provides the ability to create custom phishing templates which allows users to define their own content.

  9. Would you recommend getting Phishing and the Education Platform together?

    Yes! Because remote social engineering engagements report on your employees'/coworkers' abilities to properly identify and avoid phishing and vishing attempts, our educational platform compliments the phishing engagements by addressing any issues identified by the engagement and educates users on how to avoid falling victim to phishing attempts in the future.In addition, our educational platform provides courses that can be sent to users upon failure of a phishing attempt.

  10. How much does support cost? What happens if I have an issue with the software?

    Support is included at no additional cost.