Frequently Asked Questions
Everything you want to know about phishing simulations and cybersecurity awareness training at CoBoo.
What is a phishing simulation?
In a phishing simulation, we send realistic fake phishing emails to your employees, exactly like real cybercriminals do. We measure who clicks on links, who enters credentials, and who reports the email as suspicious. The goal is not to catch people out, but to identify vulnerabilities before a real attacker does.
Is a phishing simulation legal?
Yes, provided it is conducted under a formal agreement. Every CoBoo simulation is documented in a written contract between you and us. This legally protects both you and your employees. We never conduct a simulation without explicit written authorization from the client.
How long does a phishing simulation campaign last?
A standard phishing simulation runs for 2 to 4 weeks. During this period, emails are sent in phases, giving you a representative picture of security awareness across your organization. After the campaign, you receive a detailed report with findings and recommendations.
Which organizations are your services suitable for?
We focus on organizations with 20 to 250 employees, small enough for personal service, large enough for meaningful data. We work extensively with companies in the Netherlands, particularly in Drenthe, Groningen, Friesland, and Overijssel. Outside this range? Get in touch and we'll see what's possible.
What is the difference between CoBoo and Lumyo Awareness?
CoBoo focuses on testing: we measure how vulnerable your employees are to phishing through realistic simulations. Lumyo Awareness focuses on training: interactive e-learning modules that teach employees to recognize threats. The two complement each other perfectly, gain insight with CoBoo, then train targeted with Lumyo.
Don't see your question?
Feel free to reach out. We're happy to answer your questions personally.
Ask your question