About the Client
The client is an Indian based company specializing in Business Intelligence (BI) and data analytics solutions. Established in 2014, the company has transformed raw data into actionable insights for organizations across various sectors. With a team of over 40 experienced professionals and more than 20 successful BI system implementations, they offer services including predictive and prescriptive analytics, data modelling, and process improvement. Their “No Compromise BI” approach ensures enterprises can make critical business decisions with instant insights into their cloud data, regardless of its size or complexity.
Objective
- Assess Employee Awareness Conduct phishing simulations to evaluate susceptibility and cyber security readiness.
- Strengthen Security Posture Train employees to recognize, report, and respond to phishing attempts effectively.
- Ensure Email Deliverability Guide the IT team in whitelisting PhishCare domains and IPs to ensure proper delivery of simulation emails.
The Challenge & Its Solution
During the initial phase, phishing simulation emails were flagged as spam due to Sophos firewall settings. PhishCare worked closely with the client’s IT team, providing detailed whitelisting procedures to resolve the issue swiftly.
Later, concerns were raised about OTP email disruptions following the whitelisting. A collaborative investigation confirmed that the issue stemmed from internal firewall policies, unrelated to PhishCare’s configurations. This transparent resolution further strengthened trust and highlighted the importance of comprehensive internal reviews.
Key Findings & Observations
| Metric | Value |
| Total Users | 63 |
| Total Emails Opened | 55 |
| Users Phished | 38 |
| Users Who Ignored Email | 8 |
| Assessment Completion | 23 |
| Users Passed | 22 |
| Users Failed | 1 |
Conclusion
The PhishCare simulation not only uncovered phishing vulnerabilities but also facilitated a measurable improvement in employee awareness. Follow-up awareness training and assessments led to a sharp uptick in security knowledge, as reflected in the high pass rate among those who completed the module.
Moreover, PhishCare’s technical guidance ensured flawless email deliverability, enabling simulations to proceed without disruption to business-critical communication.
This case reinforces the importance of proactive phishing assessments, responsive support, and employee education as essential pillars in building cyber resilience for data-centric organizations.
