Getting Started with Phishing Simulation

Get started with Trend Micro Vision One Phishing Simulation to simulate realistic phishing attacks and identify security risks.

Simulate a phishing attack in your organization to identify employees who are most likely to click on links or enter credentials in a real phishing attack. Lower your security risk by educating these employees about how to avoid phishing attacks.

  1. On the Trend Micro Vision One console, go to Assessment > Security Assessment.
  2. Under Phishing Simulation, click Start Assessment.
  3. In Step 1 Content, under Simulation Settings select an email template from the list.

    The phishing email template and landing page are paired. The landing page changes depending on the email template you select.

  4. Click Next.
  5. In Step 2 Recipients, under Recipient Data Source select the data source for your recipient list.
    • Manual entry

    • CSV file

    • Third-party data source

  6. Add recipients and click Save.
  7. In Step 3 Delivery, under Simulation Duration set the End time for your phishing simulation.

    The Start time is automatically set to the date and time the simulation is created. The End time can be set manually, within a range of three to seven days after the start time.

  8. Configure third-party allow list settings to ensure emails are delivered to recipients.

    To view general information on setting up allow lists, see Setting Up Allow List Phishing Simulation

    To set up your Google Workspace allow list, see Setting Up Google Workspace Allow List.

    To set up your Trend Micro Email Security allow list, see Setting Up Email Security Allow List.

    To set up your Microsoft Exchange and 365 Defender allow list, see Setting Up Microsoft Allow List general allow list

  9. Click Next.
  10. Enable Follow-up Notification to notify employees who have been phished. Trend Micro Vision One sends an email containing guidance on how to avoid real phishing attacks to phished employees.
  11. Click Create Simulation to launch your phishing simulation.