Have you ever received a phishing simulation from this employer?
- Yes, at this employer
- Yes, but only at a previous employer
- No, never
- Not sure
When was the most recent phishing simulation you recall from this employer?
- Within the last 7 days
- 2–4 weeks ago
- 1–3 months ago
- More than 3 months ago
- I don't recall
- Not applicable—I haven't received one here
Thinking about your most recent simulation from this employer, what did you do? Select all that apply.
- Reported it using the reporting tool/process
- Deleted it without interacting
- Clicked a link or opened an attachment
- Replied to the message
- Ignored it and took no action
- Asked a colleague or IT for advice
- Marked it as spam/junk
- I don't recall
Overall, how realistic did the most recent simulation feel?
Please rate how realistic each aspect of the simulation felt.
How difficult was it to identify the simulation as phishing?
Which cues did you notice in the simulation? Select all that apply.
- Suspicious sender or domain
- Generic greeting or unusual salutation
- Spelling or grammar errors
- Urgent or threatening language
- Unexpected attachment
- Mismatched or odd-looking URL
- Unusual request for sensitive data
- Off-brand visuals or layout
- Timing felt unusual (e.g., outside business hours)
- I did not notice any specific cues
Attention check: To confirm you’re paying attention, please select “I am paying attention.”
- I am paying attention
- I am not paying attention
- Prefer not to answer
Before your most recent simulation, how confident were you in each area?
Today, how confident are you in each area?
What did you learn or reinforce from the simulation(s)? Select all that apply.
- How to use the report button or process
- How to inspect URLs safely
- Common red flags to watch for
- How to verify sender identity
- To pause and validate urgent requests
- Where to find internal guidance/resources
- Nothing new to me
In the next 30 days, how likely are you to change any habits based on these simulations (e.g., reporting faster, inspecting links)?
Rank the training formats by how helpful you find them (1 = most helpful).
What cadence of phishing simulations would you prefer?
- Twice per month
- Monthly
- Every 2 months
- Quarterly
- Twice per year
- Once per year
Which best describes your primary function?
- Engineering/IT
- Operations
- Sales
- Customer Support
- Human Resources
- Finance
- Legal
- Marketing/Communications
- Other
- Prefer not to say
How long have you worked at this employer?
- Less than 6 months
- 6–12 months
- 1–3 years
- 3–5 years
- More than 5 years
- Prefer not to say
Where are you primarily located?
- Americas
- EMEA
- APAC
- Prefer not to say
On a typical workday, about how many emails do you handle?
- 0–24
- 25–74
- 75–149
- 150+
- Prefer not to say
Welcome! This brief survey asks about your experience with phishing simulations. Your responses are confidential and will be used to improve training. Thank you for your time.
Any suggestions to improve future simulations or related training? Please share specifics if possible.
Max 600 chars
AI Interview: 2 Follow-up Questions on phishing simulations
Thank you for participating! Your feedback helps us make training more relevant and effective.