Phishing Email Test & Awareness Training for Employees

Customized phishing email test for employees of different companies, departments and work flow. Eliminate your biggest security risk - employee's lack of awareness

Did you know? 91% of data breaches are caused by phishing! Since work-from-home and remote work become more common, the number of cyber-attack incidents has increased sharply in recent times. According to the figures provided by HKCERT, there were more than 2,000 cases of phishing sites reported in 2020 Q2, an increase of 154.5% compared to the same quarter in 2019 and 5 times more compared to the 2020 Q1.

It only takes one mistake by one employee to destroy any cybersecurity measures prepared by the IT team and cause serious damage to the financial situation and reputation of the company. To get employees ready for real phishing and safeguard the properties of the company, an examination of employees’ awareness is needed sooner than later.

Trend chart of reported phishing websites in Hong Kong based on HKCERT incident data

Data from Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT)

Enquire Now

(852) 2554 7545

Talk to our cybersecurity experts

Spot the phish, fast

A phishing email test sends realistic but safe simulated phishing messages to staff, measures who clicks or submits data, produces a report with timelines and devices, then delivers awareness training so employees recognise spear phishing and business email compromise before real attackers strike. UD tailors scenarios to your industry and workflows and pairs testing with specialist-led training aligned to HKCERT-style incident trends.

What is phishing?

Cybercriminals would pretend to be a legitimate bank, social media or other service provider and send out an email to the victim, who is then lured to a fake website to give out his secret information such as bank account details or to download malware. Some criminals design advanced level fraud by carefully studying the company’s operation, which is called “spear phishing attack”. They would impersonate the boss and ask for an immediate bank transfer that causes enormous financial loss.

Is this a phishing email?

63% people clicked the links in this email

Legitimate email

63%

Phishing email

37%

Conduct a simulated attack now to test your employees’ phishing awareness. And let them understand the risk before a real hacker attacks!

Enquire Now

Why Phishing Email Test?

Company management often overestimates the ability of their staff when encountering phishing attack. Through examination and training, your staff can be trained to identify malicious email and be remained to stay alert. As such, company loss and risk can be minimized.

Process of the Phishing Email Test and Training

Simulated Attack

Examine your staff’s ability to dealing with phishing email
Meet with client to discuss test detail beforehand
Send out phishing emails to all staff at a predetermined time
Design special email and website for different sectors and departments

Test Report

Read the “victim” list
Record of opening email, clicked links, submitting data and downloading
The timeline, devices, operating system, browser used for each action
Conclusion and analysis of weaknesses and strength of your staff

Awareness Training

Our cybersecurity specialist will visit your company for the training
Enable your staff to identify malicious email and lower company risk
Learn about the types, technology, latest trend, impact of phishing and case study
Learn about how to prevent being phished and what to be aware in daily work

Read a real case for the phishing test: A local IT company

The client is a medium-sized technology company in Hong Kong with about 100 staffs, consisting of IT professionals such as network engineers and developers.

Check out how UD lured 80% of their staff to give out their data, using afternoon tea!

Read the real case

Service fee: HK$10,000/one-off

Service Enquiry

For more details, feel free to call (852) 2554 7545

Frequently asked questions

What does a phishing email test include?

It includes a planned simulated phishing campaign directed at your staff, collection of interaction data (opens, clicks, submissions), a written report with metrics and recommendations, and optional on-site awareness training delivered by UD cybersecurity specialists.

How is this different from a penetration test?

Penetration testing targets systems and networks for technical vulnerabilities. A phishing email test targets human behaviour—measuring how employees respond to deceptive messages—so you can train people before attackers exploit the same tactics.

Who should use phishing awareness training?

Any organisation that relies on email for finance, HR, or operations—especially teams working remotely—should run periodic phishing simulations so staff learn to recognise spear phishing, fake invoices, and credential theft attempts.