Simulated Attacks

Nimblr's simulated attacks are an important part of the training programme and are based on thousands of current threats analysed, processed and disarmed by Nimblr experts.

Realistic, customer-specific simulations

To make the simulations more realistic, they are customised using customer-specific data entered by the administrator, such as the name of the business's CFO, the customer's own logo or information on the office software used in the business.

The library of simulated attacks is continuously updated based on the latest trends among cybercriminals. Nimblr's intelligent algorithm prioritises and distributes the simulations with user-specific schedules. The simulated attacks are selected based on the user's history; for example, those users who have a history of difficulty identifying fake senders receive more simulations of this type, while other users, such as those who find it difficult to resist clicking on gift card and reward offers, receive more simulations in this category. The level of difficulty gradually increases as the user learns to recognise and avoid a particular type of attack.

Nimblr Instant Learning

Each simulated attack is linked to a customised reminder for those users who are tricked into clicking the link, or opening the attachment, in a simulated attack. The reminder is called Nimblr Instant Learning and displays the message that tricked the user, along with interactive tips on what to do differently next time. Along with the specific tips, the user is also offered an optional basic training module tied to the current simulation.

Monitoring current phishing trends

The simulated attacks are generated and sent automatically to all active users in the Nimblr Security Awareness Programme. Typically, two simulations are sent per user per month, but the frequency can be adjusted as desired. Nimblr monitors current phishing trends and ongoing attacks to quickly create new simulations and train users before they are exposed to the real attacks.

Examples of simulated attacks

The simulated attacks are an important part of Nimblr Security Awareness and consist of both customised and generic simulations of phishing, fraud, malware and many other types of IT-related threats.

Microsoft Office 365

Simulated phishing that claims that the user needs to sign in to Microsoft Office 365 and verify their inbox. In real life, attacks of this type are used to get hold of the user’s log-in details.

To optimise learning, many training sessions are linked to everyday activities and are often initiated through a simulated attack. With Nimblr Instant Learning, users who are fooled by a simulated attack receive immediate feedback and concrete tips on how to avoid similar attacks in the future.

Screenshot of Microsoft 365 phishing simulation.

Screenshot of Phishing Simulation that seems to be sent from within the user's own organisation.

From the user’s own organisation

Simulated attack pretending to come from someone in your organisation. The data is taken from the organisation's Nimblr configuration. In reality, this type of attack has been used to infect organisations with ransomware.


Simulated attack claiming that someone has mentioned the recipient on Facebook. In reality, this type of attack is used to obtain Facebook login details or to spread malware.

Screenshot of a Social media Phishing Simulation.
