Phishing Assessment
Are your people able to recognise and respond to a phishing attack?
Schedule a Consultation

Make Phishing A Non-Event

Cyber criminals love using phishing as a way of getting access to your network. Stop them at the source with an educated and aware workforce.

97% of companies report experiencing phishing attacks. But that problem goes away if no one’s clicking on the links.

Excite Cyber has the tools and expertise that will get your people up to speed quickly.

Our Proven Process With Phishing Assessments


Review of existing anti-phishing solutions, such as Mimecast, as well as your processes and policies to ensure that you’re up to date with best practices.


Create a fake phishing campaign to test how effective it will be on your people. The outcome of the Phishing Campaign metrics at a minimum should be:

Successful Email Opens

Email Clicks

Data Entry

Emails that are sent to IT/Security in accordance with company procedures.


Build a report that highlights where the greatest risks to your organisation is, identifies repeat offenders and identifies the kinds of attack that will be most successful. The report will also include guidance on how to shore up the defences.

Our Approach To Phishing Assessments

Phishing attacks become more sophisticated by the day. The Excite Cyber team keep a close eye on the work that goes into these attacks, so we can perfectly re-create what your employees will experience. 

At every step of the way we’ll work closely with you to advise, educate, and develop a formal response fo phishing attacks.


How You Benefit From Phishing Assessments

A Phishing Assessment reduces the chances that one of your people will click on a phishing link or respond to an illegitimate request will significantly improve your security posture.

Reduce the organisational susceptibility to phishing and the consequential impacts such as ransomware, loss of data, clean up costs and brand impact.

Experienced Team of Specialists

Phishing is not just about technology. There’s a human element to it, too. Excite Cyber’s long experience in this space will help you identify the opportunities to strengthen your environment by better educating your people.

Train Your People Efficiently

Think of phishing education like first aid – it’s essential that your organisation has this knowledge within it. We provide the tools and resources you need to turn your people into subject matter experts.

Onboard New People Effectively

As your organisation grows, we’ll be on hand to help onboard new employees on your policies around phishing.

Actionable Insights In Reporting

Our reports support business outcomes, not deliver tech for the sake of tech. Benefit from immediately actionable insights immediately after we have completed our assessment.

Our Latest Perspectives

Getting Started With Excite

Excite Cyber is both ISO27001 and CREST certified to ensure the highest quality of security service in the cyber security industry.

We collaborate with you every step of the way to protect your business and enable you to seize new opportunities securely. 

To get started, schedule a complimentary call using the form below today.

Frequently Asked Questions

There are many different flavours of attack used these days and new techniques are evolving all the time. Excite Cyber will discuss the types of attack in the context of your business and agree which of the following should be included in the scope:

  • Desktop review and testing of in place controls
  • Vulnerable User Phishing Campaign – how much data will users disclose before recognising an attack WITHOUT existing controls
  • Vulnerable Human and Technical Phishing Campaign – how much data will users disclose before recognising an attack WITH existing controls. 
  • Vulnerable User Vishing and/or Smishing Campaign

Like most things in cyber security there are no guarantees, but there can be a substantial reduction in the risk of a successful attack. 

Social engineering is a key aspect of phishing and is notoriously hard to protect against because techniques and people change. A phishing assessment program will give you an initial assessment of your exposure and allow you to make an informed decision on what investment is needed to reduce the risk via education and awareness programs. 

These programs need to be ongoing to keep users constantly aware of both the general threat and of specific techniques that are being actively used by ransomware attackers and hackers in general.

Book an Appointment Form

Schedule a consultation to discuss your technology and cyber security requirements.