Phishing Simulations

Run realistic phishing and social engineering simulations with Herd to train your team, build awareness, and track resilience.

Overview of Simulations

You’re ready to start running phishing simulations! Herd makes it simple to test and train your team against real-world social engineering threats—so you can build awareness without disrupting daily workflows. Whether you’re simulating phishing emails, SMS messages, phone calls, or even deepfake attempts, Herd ensures your team gains practical experience recognizing and responding to attacks.

This section provides step-by-step instructions for building new simulations and how to use them effectively. You’ll be able to plan, launch, and track simulations with ease—helping your team stay alert and resilient.

What You’ll Find Here

• Email Templates — Displays a list of all templates your organization has created so you can quickly launch realistic phishing email simulations.

• Whitelisting Email Domains — Teach you the steps to whitelist email domains for phishing simulations so they end up in every user's inbox.

• Campaigns — Guidance on building and scheduling phishing campaigns that can span multiple simulation types (Email, Voice, SMS, Deepfake).

• Results — Learn how to track user performance, view detailed reports, and identify areas where additional training is needed.

Email Simulations

• Users receive a realistic phishing email designed to mimic common attack techniques.

• If a user clicks on a suspicious link or fails to report the email, Herd provides real-time feedback and education.

• Email simulations help strengthen awareness around links, attachments, and sender authenticity.