Train Employees With A Free Phishing Simulator

CanIPhish provides a truly unique learning experience through our free phishing simulator. We use realistic phishing, storytelling, and micro-learning to train your employees.

Sign up for free Watch demo
Capterra Logo
1,000+ companies already with us
Laptop outline
Geometric Gradient Background
Cybrary Logo
Cybrary Logo
Cleared Logo
Cleared Logo
Easygo Logo
Easygo Logo
XLENT Logo
XLENT Logo
Germain Hotels Logo
Germain Hotels Logo
REI Logo
REI Logo

AI-Powered & Gamified Phishing Simulations

CanIPhish Email Dashboard
Create Your Own Template
Ready To Use Websites

Conversational Phishing Powered By Generative AI

CanIPhish can conduct conversational phishing, replicating sophisticated phishing techniques, whereby attackers establish back-and-forth communication to build trust with their victims before delivering the phishing payload.

This capability is powered by a proprietary Generative AI model (PhishAI) developed by CanIPhish. This model ensures that each conversation is unique and specific to individual employees. Conversational phishing is available over both email and voice calls.

Try an interactive phishing demonstration
Conversational Phishing
Detailed campaign statistics

Comprehensive Phishing Education & Protection

  • Organizational Human Risk - Measure, benchmark, and reduce your overall human risk.
  • Phishing Statistics - Track phishing email links clicked, credentials compromised, attachments opened and replies.
  • Report Email Plugins - See which employees report suspected spam and phishing emails.
  • Multi-Channel Phishing - Simulate voice phishing, email phishing, or combine both with callback phishing!
  • Integrated eLearning Platform - Auto-assign micro-learning to employees who fall for simulated phishing attacks.
  • Advanced Real-Time Reporting - Track campaigns in real-time, schedule reports, track trends, and much more...

How Phishing Simulations Work

It starts with a phishing attack

Your journey begins just like a real one. You are faced with a simulated phishing attempt designed to pull you in. Every detail mirrors real-world tactics and makes the experience feel immediate and authentic from the start.

Image of a simulated phishing email

You take the bait

The simulation leads you to a convincing login page. Acting on autopilot, you begin typing your credentials, just as many do during real attacks.

Image of a simulated phishing website

Learn in the moment

Once you interact with the phishing page, you are immediately redirected to an on-the-spot educational experience. You are guided through the exact email you just fell for, with every red flag highlighted so you can see what you missed.

Image of the on-the-spot phishing education page in action

Build stronger habits

After the simulation, you are automatically enrolled in targeted remedial training. These short, focused modules address what you missed and can cover a wide range of important cybersecurity topics.

Image of a training module on phishing awareness

What Makes CanIPhish Great?

Perpetual Free Tier

You don’t need to attend a demo, sales call, or provide a credit card to get started. Just sign up for free!

Comprehensive Tools

Create phishing campaigns, training campaigns, or even play phishing games and get on CanIPhish’s leaderboard.

Scalable & Flexible

CanIPhish’s infrastructure is stress-tested and capable of delivering phishing and training campaigns at scale.

Self-Service & Easy

CanIPhish is designed from the bottom up to have a user-centric design that’s simple for anyone to use.

Continuously Updated

The CanIPhish Platform is constantly updated to include new features, new content, and new tools!

Compliance Reporting

CanIPhish has built-in compliance reporting that helps you to easily demonstrate compliance to auditors.

Detailed Knowledgebase

CanIPhish’s knowledgebase is detailed, up-to-date, and includes dozens of walkthrough videos.

Multi-Language Content

CanIPhish has translated all its phishing emails, websites, and training modules into 75 languages.

Have Questions? We Have Answers.

CanIPhish was founded under the belief that every business should have access to the tools needed to train their staff against cyber threats. To support this goal, CanIPhish offers a perpetual free tier designed to help the needs of small businesses and startups.

While we offer a perpetually free phishing simulator, we also provide paid subscription options for large customers or those needing a more tailored training experience. It's through our paid customers that we're able to subsidize and offer our perpetual free tier.

Customers operating in the free tier have two restrictions applied. These restrictions include:

  • A limit on the number of employees who can be trained on a monthly basis. This limit is set to 10 employees.
  • A limit on specific phishing and training material. Approximately half the phishing emails and training modules in CanIPhish libraries are limited to paying customers.

CanIPhish uses three techniques to make phishing emails appear realistic.

  1. We continuously monitor emerging cyber threats and analyze the tactics, techniques, and procedures used. We then modify our existing library or add new phishing content based on analyzed activity.
  2. We take advantage of real-world misconfigurations to support domain spoofing. If a customer, supplier, or partner uses a domain vulnerable to spoofing, you can abuse this in phishing tests to add an additional layer of realism.
  3. Every phishing email in our library has some form of secondary action getting tracked. This is supported through the tracking of email responses, tracking of phishing website clicks, and the opening of email attachments. This is designed to replicate the workflow of a real-world phishing attack.

No. CanIPhish provides all the infrastructure and phishing content needed to conduct phishing tests. We provide hosted email servers and phishing websites. We additionally support the use of third-party infrastructure if you need complete control over email delivery or website interaction tracking.

The team at CanIPhish has developed an entirely self-service platform. We empower our customers through an easy-to-use platform that contains detailed knowledge base articles and video walkthroughs. You can sign up for free, evaluate the platform, review our public pricing, and upgrade your subscription without interacting with a sales representative.

You can use Generative AI to replicate an emerging tactic where attackers engage victims in back-and-forth conversations to establish trust. Additionally, these back-and-forth conversations help to trick email filtering technologies into recognizing the attacker as a trusted contact, increasing the likelihood that a phishing payload will go undetected and land in a victim's mailbox. By simulating this technique, you can prepare employees to recognize and evade sophisticated social engineering threats.

CanIPhish uses a proprietary Generative AI model (PhishAI) that's been developed in-house to replicate this phishing tactic and ensure your employees are well-equipped to deal with real phishing threats.

Engage Employees In Hyper Realistic Phishing Simulations

  • 120+ Phishing Emails - Themed against popular services that employees use day-to-day.
  • AI-Powered Phishing - Using generative AI, CanIPhish simulate conversational phishing attacks by email and phone.
  • Domain Spoofing - Abuse real-world misconfigurations to spoof domains and make phishing simulations even more realistic.
  • Fully Customizable - Modify the email subject, body, sender profile, payload and insert variables to dynamically populate information at the time of sending.
  • Multi-Language Content - Seamlessly translate phishing content to one of 75 supported languages.
Phishing Email Library
Easygo Logo

“Adopting CanIPhish marked a significant shift in our workplace culture towards cybersecurity.”

“CanIPhish has equipped our team with the necessary skills to enhance security awareness effectively without undermining productivity or the vibrant atmosphere of our workplace. ”

Read The Full Customer Story Michael McKinnon
Michael McKinnon Head of Security at Easygo

The Benefits Of A Gamified Phishing Simulator

Let's face it. Traditional phishing simulations are a penalty-based exercise.

Employees fall victim to simulated phishing attacks and then appear on a list where they may be reprimanded or may be assigned more training. This approach can introduce fear and anxiety, invoke negative emotional responses, decrease motivation, and much more.

A gamified phishing simulator flips this approach on its head. Instead of only penalizing employees, we reward those who show positive behaviors. These behaviors can be plentiful and could include the avoidance of phishing emails, reporting phishing emails, completing assigned training on time, completing training on the first attempt, and much more.

Employees can then be tracked on an organizational leaderboard, where positive reinforcement is used and positive behaviors are encouraged.

CanIPhish is a gamified phishing simulator. Employees are assigned badges whenever positive behaviors are observed. These badges earn points that accumulate on a leaderboard where you can use friendly competition and rewards to motivate employees to educate themselves.

Top