Train Employees With A Free Phishing Simulator
CanIPhish provides a truly unique experience through our free phishing simulator. We use realistic phishing, storytelling, and micro-learning to train your employees.
No credit cards or sales calls required!
A Free Phishing Simulator. Automated & Gamified.
We've seen first-hand how legacy vendors make it difficult to set up simulated phishing and security awareness training. That's why the team at CanIPhish has focused on creating a platform that removes complexity and empowers our customers.
A Self-Service Cloud Platform
- Free Phishing Simulations - CanIPhish provides its training and phishing simulator free of charge under a perpetual free tier.
- Integrated eLearning Platform – Run standalone security awareness training campaigns or auto-assign micro-learning to employees who fall for phishing emails.
- Realistic Phishing Templates – Build your own templates, use AI to engage in conversational phishing, or choose from our regularly updated phishing templates.
- Advanced Real-Time Reporting - Track campaigns in real-time, schedule reports, track trends, and much more...
- Multi-Language Content - Seamlessly translate phishing and training content to one of 75 supported languages.
Conversational Phishing Powered By Generative AI
CanIPhish can conduct conversational phishing, replicating sophisticated phishing techniques, whereby attackers establish back-and-forth communication to build trust with their victims before delivering the phishing payload.
This capability is powered by a proprietary Generative AI model (PhishAI) developed by CanIPhish. This model ensures that each conversation is unique and targeted to individual employees.
Phish, Train and Improve
Track employee compromises, reported phishing, training assignments, and employee risk from a single unified console.
- Employee Risk Scoring - Identify employees at a low, medium, and high risk of phishing.
- Report Phish Plugins - See which employees report suspected or simulated phishing.
- Phishing Statistics – Track phishing email opens, links clicked, credentials compromised, and attachments opened.
- Training Statistics – Track employee training that has been assigned, completed or are overdue.
Getting Started
-
Create An Account
Simply provide your email address, name, and company to access our free tier. No credit cards are necessary!
-
Upload Your Employees
Upload the email addresses of employees you'd like to train with both manual and automated data imports available.
-
Send Phishing & Security Awareness Campaigns
Schedule your first simulated phishing and security awareness training campaign. See our public demo!
Free Phishing Tools. All In One Place.
Leverage our library of micro-learning training courses to quickly and efficiently train your employees!
Take control of your phishing campaigns with customizable phishing emails, websites, sender profiles and delivery frequencies.
Ticket, chat, email, and phone support available. Additionally, get the most out of CanIPhish with our comprehensive knowledge base.
Gain full access to the ever evolving library of phishing emails and websites that CanIPhish maintains.
Our highly dynamic platform enables you to use either our hosted mail and web servers or your own.
PhishAI Simulates conversational phishing using generative AI to engage in an email conversation before delivering the phishing payload.
Have Questions? We Have Answers.
CanIPhish was founded under the belief that every business should have access to the tools needed to train their staff against cyber threats. To support this goal, CanIPhish offers a perpetual free tier designed to help the needs of small businesses and startups.
While we offer a perpetually free phishing simulator, we also provide paid subscription options for large customers or those needing a more tailored training experience. It's through our paid customers that we're able to subsidize and offer our perpetual free tier.
Customers operating in the free tier have two restrictions applied. These restrictions include:
- A limit on the number of employees who can be trained on a monthly basis. This limit is set to 10 employees.
- A limit on specific phishing and training material. Approximately half the phishing emails and training modules in CanIPhish libraries are limited to paying customers.
CanIPhish uses three techniques to make phishing emails appear realistic.
- We continuously monitor emerging cyber threats and analyze the tactics, techniques, and procedures used. We then modify our existing library or add new phishing content based on analyzed activity.
- We take advantage of real-world misconfigurations to support domain spoofing. If a customer, supplier, or partner uses a domain vulnerable to spoofing, you can abuse this in phishing tests to add an additional layer of realism.
- Every phishing email in our library has some form of secondary action getting tracked. This is supported through the tracking of email responses, tracking of phishing website clicks, and the opening of email attachments. This is designed to replicate the workflow of a real-world phishing attack.
No. CanIPhish provides all the infrastructure and phishing content needed to conduct phishing tests. We provide hosted email servers and phishing websites. We additionally support the use of third-party infrastructure if you need complete control over email delivery or website interaction tracking.
The team at CanIPhish has developed an entirely self-service platform. We empower our customers through an easy-to-use platform that contains detailed knowledge base articles and video walkthroughs. You can sign up for free, evaluate the platform, review our public pricing, and upgrade your subscription without interacting with a sales representative.
You can use Generative AI to replicate an emerging tactic where attackers engage victims in back-and-forth conversations to establish trust. Additionally, these back-and-forth conversations help to trick email filtering technologies into recognizing the attacker as a trusted contact, increasing the likelihood that a phishing payload will go undetected and land in a victim's mailbox. By simulating this technique, you can prepare employees to recognize and evade sophisticated social engineering threats.
CanIPhish uses a proprietary Generative AI model (PhishAI) that's been developed in-house to replicate this phishing tactic and ensure your employees are well-equipped to deal with real phishing threats.
A Fully Featured Free Phishing Simulator.
Realistic Phishing
- 100+ Phishing Emails - Themed against popular services that employees use day-to-day.
- AI Powered Phishing – Harness the power of generative AI and simulate conversational phishing attacks.
- Spoof Domains – Abuse real-world misconfigurations to spoof domains and an additional layer of realism to phishing campaigns.
- Fully Customizable - Modify the email subject, body, sender profile, payload and insert variables to dynamically populate information at the time of sending (e.g. first name, last name, etc.)
Phishing Workflow
-
Employees Receive Phishing
Phishing emails entice employees to perform an action that will ultimately harm themselves or the business they work for.
-
Employees Interact With The Phish
By opening the malicious attachment, entering their credentials into the phishing website or simply responding to the email.
-
Employees Receive Educational Training
In the form of micro-learning training modules that are assigned and designed to be completed in 5-10 minutes.
Curious what an employee will see when you send a phish? Take a look at our email inbox simulator.
Train your employees by sending them real-world phishing material and tracking payload interactions.
Scan for email spoofing and email infrastructure vulnerabilities by using our free domain scanning tool.
Get Started Today. It's Easy!
Sign-up for free and send your first phishing email test in under 5 minutes.
The Benefits Of A Gamified Phishing Simulator
Let's face it. Traditional phishing simulations are a penalty-based exercise.
Employees fall victim to simulated phishing attacks and then appear on a list where they may be reprimanded or may be assigned more training. This approach can introduce fear and anxiety, invoke negative emotional responses, decrease motivation, and much more.
A gamified phishing simulator flips this approach on its head. Instead of only penalizing employees, we reward those who show positive behaviors. These behaviors can be plentiful and could include the avoidance of phishing emails, reporting phishing emails, completing assigned training on time, completing training on the first attempt, and much more.
Employees can then be tracked on an organizational leaderboard, where positive reinforcement is used and positive behaviors are encouraged.
CanIPhish is a gamified phishing simulator. Employees are assigned badges whenever positive behaviors are observed. These badges earn points that accumulate on a leaderboard where you can use friendly competition and rewards to motivate employees to educate themselves.