Bait & Phish phishing simulation FAQ

FAQ

Questions answered

Some of your Questions

  • Why is Bait and Phish training better than my own in-house training program?

    Old Security Awareness Training is usually a one-time education piece that is largely forgotten by the users as soon as its complete. A single event without follow-up which means your people go back to old habits almost immediately. Bait and Phish Security Awareness Training starts with a baseline test to show the actual percentage of your users that are susceptible to phishing. Step two is where you assign users effective, interactive, on-demand browser-based training. Lastly you send frequent simulated phishing attacks to your employees to reinforce the training. We recommend sending a new phishing email to your users every 2 weeks as it quickly creates a change in behavior.

  • Why do employees even need this training?

    The Verizon Data Breach Investigations Report (DBIR) consistently finds that the human element - phishing, stolen credentials and other social engineering - is involved in the majority of reported breaches. The FBI Internet Crime Complaint Center (IC3) reports phishing as the highest-volume cybercrime category by complaint count, and Business Email Compromise (BEC) alone accounted for billions of dollars in reported losses in its most recent annual report. IBM's Cost of a Data Breach Report places the average cost of a breach in the millions of dollars, with phishing-driven incidents among the most expensive. Continuous phishing simulation and awareness training remain the most cost-effective way to reduce the human-factor risk that drives those losses.

  • How long does it take to get up and running with Bait and Phish?

    Our system is designed to be as easy as possible to use and to automate a lot of the training and phishing process. Please see our quick start guide for more information. In preparation you will need to whitelist our IP’s (see this KB here) so that you users actually do receive the phishing attempts and after that you can schedule training and phishing campaigns very easily and let our automated processes do the work.

  • Is my financial data safe?

    Bait and Phish does not store credit card data on its servers. We use industry best practices, and partners with top security firms to ensure the security of sensitive data. Bait and phish will never share your company information with 3rd parties.

  • Who do I talk to so we can become partners?

    If you are looking to partner with us please send an email to info@baitandphish.com and our Channel Manager will get in touch with you.

  • How many employees can we sign up? How do you scale?

    We are built 100% in the cloud. No matter the size of your employee base we can scale to meet any number.

  • How much is this going to cost?

    Bait and Phish pricing is designed to make the decision to use its services a very easy one and offers very competitive rates. For bigger organizations, there are further volume discounts. Use our pricing page to calculate how much or send us an email using this form and we think you will be pleasantly surprised. Bang for buck we think you will find that this will be the number one investment for your security dollar.

  • What are my payment options?

    We accept Visa, Mastercard, American Express, Discover and Paypal on sign up of our services. Upon request we can also offer terms and can accept payments via ACH or wire transfers

Featured Reading

The pillar guides that expand on the most-asked questions above.