Hwb-managed email phishing simulation
Schools using Hwb-managed email can now request email phishing simulations to enhance staff awareness.
This important practice improves vigilance against malicious emails and helps protect your:
- accounts
- devices
- files
- productivity
Conducting phishing simulations:
- reinforces good cybersecurity practices and builds resilience within your school
- ensures staff can identify and respond to suspicious or unexpected emails
- delivers measurable outcomes through detailed reporting
How it works
All Hwb accounts have access to email via Microsoft Exchange Online. This entitlement includes the use of a phishing attack simulation module. We can safely deliver a ‘suspicious’ email to all staff. We can then report on staff actions (such as ‘read’, ‘clicked’, ‘deleted’ or ‘reported’) without causing alerts within our internal systems. Users clicking on the phishing link in the email are taken to the Hwb phishing training page.
This is an internal service for Hwb-managed mailboxes only. It cannot be used with externally hosted email.
Request a phishing simulation
Interested schools should contact their local authority to arrange a request.
The local authority data controller should then request and authorise a simulation on behalf of each school.
The request should be made via the Hwb support desk, providing:
- school names and DfES numbers
- assigned recipients (either MIS staff only or MIS staff and governors)
- the start date of the simulation
- the duration of the simulation (typically 2 weeks; once the simulation is completed, all web links and monitoring will stop)
- confirmation that the school exclusively uses Hwb-managed email
- a description of the ideal type of phishing email (optional)
Subject to available resources, we will work with you to provide a template which best fits your description. This can include personalisation, for example the inclusion of staff first names in the body of the email.
When a simulation launches, all recipients will receive the email simultaneously. There is no method of staggering its delivery.
Reporting metrics
The anonymised report includes the number of users that:
- clicked the message link (compromised user)
- reported the message
- read the message
- deleted the message
- replied to the message
- forwarded the message
- were out of office on receipt of the email
We do not share identifiable data in the report. All reports contain only aggregated data.
Access to manage attack simulations
This feature cannot be assigned to individual users for specific schools. It is therefore a Hwb-managed service, where upon request we can create a simulation on your behalf and send you the results.