Fight phishing with continuous simulation and training
Sorry, this product is no longer available, please contact us for a replacement.
Defend Your Business Against Social-Engineering Attacks
Fight phishing and other potentially-devasting attacks that can slip through security gateways. These evolving and sophisticated attack techniques, designed to fool employees, put your business at risk for data loss, financial fraud, and embarrassing exposure. Transform employees from potential victims into a layer of defense with Barracuda PhishLine.
With PhishLine, you guard against every facet of social-engineering threats with continuous simulation and training for employees. Show them the latest attack techniques, how to recognize the subtle clues and help stop email fraud, data loss, and brand damage. Embed learning into your everyday business processes with customized simulations that test and reinforce good behavior.
Only PhishLine helps you defend against a range of threats with patented, highly-variable attack simulations for multiple vectors, including phishing, smishing, vishing and found physical media.
Train Employees To Recognize Phishing Emails, Voicemails, and SMS Messages
Guard against every facet of social-engineering threats by training your employees to identify and report them. PhishLine provides patented, highly-variable attack simulations for multiple vectors, including phishing (email), smishing (SMS), vishing (voice) and found physical media (USB/SD card). Plus, use multiple simulation templates in a single campaign, to conduct hypothesis-based A/B tests and prevent users from receiving duplicate mock phishing templates.
With PhishLine, you train employees to recognize threats from multiple sources and test them the way an attacker would.
Customize Training to Make it Engaging and Relevant to Your Users
The Sender: Do you recognize the name, address, and domain? If not, be suspicious.
The Message: Does the email evoke an emotion, such as concern, desire, or curiosity? We suspend disbelief when we experience emotion, and phishing emails use this against us.
The Report: What does the message want you to do? Click a link? Download an attachment? Do neither until you are confident of the message’s legitimacy.
PhishLine’s simulation and training content is easy to use and is fully customizable. You get a wide variety of materials: Choose from hundreds of easy-to-use simulation templates, landing pages, risk assessment surveys, and engaging multi-lingual training content in the online PhishLine Content Center Marketplace™. Materials can be used individually or integrated into simulated phishing and social-engineering campaigns. New simulation and training content is added daily, to reflect the most recent threats and training resources available to help protect your business.
PhishLine lets you deliver training as soon as the need is identified, using a built-in workflow engine. For example, you can use a landing page for in-the-moment training when someone performs an unsafe action as part of a mock phishing campaign. You can also send training invitations to specific employees based on their past actions and risk profile. Plus, you can schedule training invitations and post on-demand training on your intranet.
PhishLine makes it easy for employees to instantly report suspicious emails to your help desk or incident response team. The built-in Phish Reporting Button is a simple, powerful solution that gives you complete control over the entire process at all times.
Identify Human Risk Factors in a Non-Threatening Manner
Do employees truly understand that information security policy they signed? Did a recent information security announcement have any impact on their perceptions of risk? Is your security awareness program addressing the real needs of employees, from their perspectives?
These are some of the questions addressed by PhishLine’s Risk-Based Survey module in a thoughtful, perceptive, and non-threatening manner. These unique, qualitative, risk-assessment capabilities allow for discovery in the “voice of the employee.”
Back-end analysis capabilities lead to a unique and powerful assessment tool that quantifies risk by impact and likelihood scores. You can objectively evaluate your organization’s human-risk factor based on meaningful feedback from your employees.
Protect Your Business With Updated Content That Guards Against The Latest Threats
With PhishLine, there’s no need to recycle the same old training and testing materials. The Content Center Marketplace is constantly updated by security experts to reflect the newest threats and the training resources available to protect your business. Engage employees – and keep their interest – with a wide variety of choices and materials designed to fit your corporate culture.
In addition, PhishLine provides Click Thinking™, a monthly bundle of content updates. Each update is aligned around a hot topic, and includes a new training video, email template and landing page. A monthly newsletter, infographic and intranet content also help keep your training program fresh and on topic.
There’s no need to piece together your curriculum. PhishLine experts have created phishing tests—from methodologies, to lures, to landing pages—that complement the content of our partners’ training materials. This means there is one style, one message, one way to make things happen from start to finish. Providing a fully-integrated, social-engineering solution saves your business time and money.
Automate Your Anti-Phishing Program
Don’t give hackers the edge by failing to execute day in and day out.
Automatic Updating of Address Books
The PhishLine Workflow Subscription can save you time while improving your address book accuracy! PhishLine can automatically merge data from multiple sources, eliminating the need to manually export and import address books for each employee.
Merging Risk-Based Attributes from Multiple Sources
The PhishLine Workflow appliance can also merge risk-based user attributes from other applications and databases and then use this information to trigger testing and training campaigns based on events. For example, you can integrate PhishLine into your HR system to automatically trigger a “new hire training campaign” for new employees.
Teachable Moments that Matter™
By integrating with third party databases such as LDAP, PhishLine can automatically trigger the delivery of security awareness content based on actual events. For example, a simple password reset request to the help desk can now become an immersive moment in which users can receive training and testing to ensure best practices are being applied.
Hundreds of Email Lure Templates, Landing Pages and Domains
New content is added every day creating endless combinations of email templates, landing pages, email account senders and web server domains. As the threat landscape changes so will our tests, giving you access to the most up-to-date content.
PhishLine Content Center Marketplace™
All content can be found in the PhishLine Content Center Marketplace, a one-stop-shop for browsing, selecting and importing the perfect content to craft your continually evolving campaigns.
Add that special touch by customizing any of the templates so your simulated attacks come from people in positions of trust, effectively testing your workforce and teaching them to be wary of threats that only your organization may have seen.
Patented Multi-Variable Attack Simulations
In today’s threat landscape, you can be phished from more than just email. Train your team on every facet of threat with PhishLine’s multi-variable attacks with campaigns that include Smishing (SMS/Text), Vishing (Voicemail) and Found Physical Media. This unique capability will help prevent users from receiving the same mock phishing template in a campaign and can allow for hypothesis-based testing (A/B tests).
Protect your user base by training them to recognize unfamiliar outgoing texts with our industry-leading smishing simulation. The innovative incoming mode allows you to email requests to text custom phone numbers as the call-to-action for otherwise innocuous emails, catching what would be a normally unknown vector before it can be used against your workforce.
Employees get many phone calls each day, which one of those will cost the company? With PhishLine’s anti-voicemail phishing or ‘Vishing’ we provide fully customizable simulated threats that will compliment any security awareness campaign.
Found Physical Media (USB/SD Card)
Using the same Smart Attachment technology found in our email campaigns, you can distribute files on portable drives and cards with watermarks in a variety of file formats to track who is willing to plug it into your network. The files won’t cause security problems even if non-employees find them as the content redirects users to landing pages designed to educate on the perils found in anonymous portable media.
Advanced Threat Simulation Features
Crafting effective scenarios is paramount when developing an effective anti-spearphishing campaign especially in long-term approaches where users would start seeing repetitive emails. Prevent that by using PhishLine’s advanced threat simulation features including time stamping to create a sense of urgency prompting users to respond before they can think it through, phone home macros, DLP tagging, geo-location and more. Our patented system allows for multiple combinations of email templates, landing pages, email account senders, and web server domains within a single campaign.
Phish Reporting Button
Enable easy tracking of user phishing attempts with the Phish Reporting Button, simplifying the task of reporting possible threats while tying in user reporting to your training regimen.
Robust User Attributes
Why stop at user name and email address when you can test based on location, job function, tenure, privileged credentials, or access to sensitive networks and applications? PhishLine gives you granular control for your reports, that your mid-level marketing managers in Kansas are more likely to click a link in an email on Tuesday, as well as testing and education so your workforce isn’t inundated with emails they shouldn’t get.
Extensive reporting and metrics
More than 16,000 data points are at your disposal with PhishLIne’s advanced metrics and reporting. Identify levels of risk at macro and micro levels within your organization to help expedite remediation while keeping your workforce at maximum efficiency by targeting training to only those who need testing at that moment.
Data Loss Prevention (DLP)
Worried about data leaking from your organization? With PhishLine’s built-in Data Loss Prevention Activator, you can track where those PhishLine campaign emails and portable media drops go and who accesses it to know who might leak your company data as well.
Is your workforce leaning hard on whether there’s an encryption symbol next to the URL when they click links in their emails? With HTTPS and SSL landing pages you can collect information from your users without the possibility of people snooping that information and using it against you while convincing your users that they are safe.
Engage your users and make the cat-and-mouse aspect of security awareness fun by turning the workflow into a game with leaderboards and user leveling systems. This will help train users to spot and report threats while keeping the idea of spearphishing at the forefront of their mind.
Measure and communicate the success of your security awareness efforts. A leveling program gives you the ability to create a custom program based on the hallmarks of a healthy security culture: training completion, avoiding interactions with simulation messages, and reporting suspected phishing. As employees move through the program, they are presented with on-level training and simulation content that challenges their security awareness, enabling the administrator to track and report on overall program effectiveness and individual user awareness. (Available in PhishLine Concierge only.)
Should a CEO or accounts payable team get the same test as your engineer, nurse or teacher? With PhishLine you can issue risk-based surveys that provide unique insights into your user level security posture. By being better informed about your user level risk and validating it throughout the year you will maintain a security plan that mirrors your organizational objectives.
Bonus Security Awareness Training Materials
To support your computer-based training initiatives, PhishLine provides supplementary materials such as two-minute best practice videos covering topics such as Malware Awareness and Password Security. In addition, there is an array of bonus training materials including posters, newsletters, infographics, and tip sheets. PhishLine has partnered with several reputable content vendors to augment our built-in content.
At A Glance:
|Features||Barracuda PhishLine||Barracuda PhishLine Enterprise||Barracuda PhishLine Concierge|
|Users||Minimum of 100 users||Minimum of 1,000 users||PhishLine Enterprise + Managed Services|
|- Credential Entry / Login||✔||✔||✔|
|- Feedback Form||✔||✔|
|- File Upload||✔||✔|
|- File Download||✔||✔|
|Computer Based Training Content||✔||✔||✔|
|Gamified Training Content||✔||✔|
|Click Thinking Content||✔||✔|
|Partner Training Content||✔||✔|
|Incident Response Capabilities|
|Phish Reporting Plugin||✔||✔|
|Incident Response Dashboards||✔||✔|
|Out of the box Reporting||✔||✔||✔|
|Managed Services Administration||✔|
|Address Book Integration**||✔||✔|
|Single Sign On (SSO)||✔||✔|
|Role Based Access||✔||✔|
*Requires separate license
**Requires the PhishLine Workflow Subscription
Download the Barracuda PhishLine Datasheet (PDF).