New Feature: Measure and reduce user susceptibility to attachment phishing scams

Introducing the latest update to usecure's phishing simulation feature, uPhish, which has been highly anticipated by IT leaders and Managed Service Providers (MSPs) in our community: Attachment-enabled phishing simulations.

Why do IT leaders need to address the risk of attachment phishing?

Attachment phishing, a method where attackers disguise malware or malicious links in email attachments, poses a substantial risk to today's businesses.

As the statistics below point out, end-users are more likely to click on a harmful email attachment compared to a link within a phishing email.


These emails often mimic trusted brands or use targeted spear-phishing tactics to lure users into compromising their security. Educating users on recognising and responding to these threats is paramount, as these attacks exploit human curiosity and trust to breach organisational defences.

Gain deeper insights into phishing risks with more diverse attack techniques

To empower organisations in the battle against sophisticated cyber threats, our new feature enables IT leaders and managed service providers to measure, reduce, and monitor human risk against attachment scams.

  • Ready-made selection of attachment templates: Save time and resources with a diverse library of attachment templates that mimic real-world attacks, including those impersonating trusted brands and spear-phishing emails tailored to specific individuals or departments within an organisation.

uPhish Attachmnt Phishing template library

  • Customisable attachment phishing campaigns: Gain the flexibility to craft bespoke phishing simulations. Create custom email templates and upload your attachments to test and educate users on specific threats.

  • Comprehensive compromise rate tracking: Track how many users download the attachment or click on a link within the attachment that directs them to a fake phishing landing page, designed to mimic the actions of submitting credentials to a malicious actor.

Educate users with engaging courses on how to spot attachment phishing

Recognising the critical role of continuous education in mitigating human risk, usecure has introduced two new training courses alongside this feature release.

These courses help to equip users with the knowledge and skills to identify and avoid the pitfalls of attachment phishing, reinforcing the practical lessons learned through the simulation tool:

  • Course #1 – Attachment Phishing: Designed to proactively educate all users by providing insights and tips on how to stay safe.
  • Course #2 – Attachment Phishing Micro Training: Designed to educate users who have failed an attachment-enabled phishing simulation on what they missed, and how to prevent being compromised in future.


Embrace proactive security with usecure

This enhancement to uPhish is more than just a feature release; it's a commitment to proactive security.

IT leaders and MSPs now have a powerful tool at their disposal to not only test their organisation's vulnerabilities but also to educate and empower their teams to be the first line of defence against cyber threats.

Get started today

Explore the new attachment phishing simulation feature and the accompanying training courses to build a resilient and informed workforce, capable of defending against the most deceptive of attacks.

Already have a usecure account?

Learn how to launch your first attachment-based phishing simulation in uPhish in this step-by-step guide.

Not yet a usecure customer or partner?

Schedule a quick call with our team to learn how usecure enables IT leaders and managed service providers to measure, reduce and monitor human risk through admin-lite automation.