Abstract: Systems and methods of embodiments are described of a campaign controller that establishes a model for using a plurality of types of exploits based on at least results of simulated phishing communications using those exploits, and uses the model to communicate a first simulated phishing communication to one or more devices of a user where the type of exploit used for the first simulated phishing communication is selected using the model. The campaign controller applies either artificial intelligence or machine learning to the results of simulated phishing communications to establish the model. The campaign controller selects the exploit by applying either artificial intelligence or machine learning to one or more attributes of the user and/or one or more responses from the user.

Abstract: The present disclose describes systems and methods for creating a simulated phishing campaign for a user based on at least a history of the user with respect to simulated phishing campaigns. A database may be configured to store simulated phishing campaign history of a user, the simulated phishing campaign history comprising information on events associated with the user during one or more previous simulated phishing campaigns, A campaign controller may identify the simulated phishing campaign history of the user from the database, determine based at least on the simulated phishing campaign history of the user, a model from a plurality of models for creating a simulated phishing campaign directed to the user; and create, responsive to the determination, the simulated phishing campaign using the model.

Abstract: Systems and methods of embodiments are described of a campaign controller that establishes a model for using a plurality of types of exploits based on at least results of simulated phishing communications using those exploits, and uses the model to communicate a first simulated phishing communication to one or more devices of a user where the type of exploit used for the first simulated phishing communication is selected using the model. The campaign controller applies either artificial intelligence or machine learning to the results of simulated phishing communications to establish the model. The campaign controller selects the exploit by applying either artificial intelligence or machine learning to one or more attributes of the user and/or one or more responses from the user.

Abstract: Systems and methods are described by which a serving module of a campaign controller identifies a first version of a model which the campaign controller uses to communicate a first simulated phishing communication to a plurality of users. The campaign controller receives a first response from a first user to the simulated phishing communication and a second response from a second user to the simulated phishing communication and determines that the first and second responses are corresponding, for example are the same or similar. The serving module assigns a first user to a first group of users and a second user to a second group of users and identifies a second version of the model to use for the first user and a third version of the model to use for the second user.

Abstract: The present disclosure describes systems and methods for using a template for a simulated phishing campaign, A database includes a plurality of templates for simulated phishing campaigns, each template of the plurality of templates identifying a list of a plurality of types of simulated phishing communications and at least a portion of content for the simulated phishing communications. A campaign controller selects a template from the plurality of templates for a simulated phishing campaign directed to a user of a plurality of users; and communicates, to one or more devices of the user a first type of simulated phishing communication of the plurality of types of simulated phishing communications with at least the portion of content identified by the template.

Abstract: The present disclosure describes systems and methods for using a model for a predetermined role for simulated phishing campaigns. A campaign controller communicates simulated phishing communications to one or more devices of a user using a model that the campaign controller selects from a plurality of models in a database that have been established for predetermined roles of a company. The model is selected based on one or more attributes of the user that are identified by the campaign controller. The campaign controller identifies one or more attributes of each user of a plurality of users for the simulated phishing campaign, and the campaign controller selects a respective model for each user based on the attributes of each user, wherein the models are not all the same for all of the users.

Abstract: Embodiments disclosed herein describe a server, for example a security awareness server or an artificial intelligence machine learning system that establishes a risk score or vulnerable for a user of a security awareness system, or for a group of users of a security awareness system. The server may create a frequency score for a user, which predicts the frequency at which the user is to be hit with a malicious attack. The frequency score may be based on at least a job score, which may be represented by a value that is based on the type of job the user has, and a breach score that may be represented by a value that is based on the user's level of exposure to email.

Abstract: The present disclosure describes systems and method for performing a vulnerabilities assessment of an organization. A campaign controller executes one or more simulated phishing campaigns directed to a plurality of users of an organization, using a plurality of models determined by the campaign controller based at least on identification of the organization. The campaign controller stores to a database the results of execution of the one or more simulated phishing campaigns and based on the results, the campaign controller determines one or more vulnerabilities to phishing for the organization. In one embodiment, the campaign controller determines a percentage of the plurality of users of the organization that are phish-prone. In some embodiments, the users of the organization that are phish-prone interacted with a link of a simulated phishing communication.

Abstract: The present disclosure describes systems and methods for using a template for a simulated phishing campaign, A database includes a plurality of templates for simulated phishing campaigns, each template of the plurality of templates identifying a list of a plurality of types of simulated phishing communications and at least a portion of content for the simulated phishing communications. A campaign controller selects a template from the plurality of templates for a simulated phishing campaign directed to a user of a plurality of users; and communicates, to one or more devices of the user a first type of simulated phishing communication of the plurality of types of simulated phishing communications with at least the portion of content identified by the template.

Abstract: The present disclosure describes systems and methods for dynamically creating groups of users based on attributes for simulated phishing campaign. A campaign controller determines one or more attributes of a plurality of users during execution of a simulated phishing campaign and creates one or more groups of users during based on the identified attributes. The campaign controller selects a template to be used to execute a portion of the simulated phishing campaign for a first group of users and then communicates one or more simulated phishing communications to the first group of users according to the template. The template may identify a list of a plurality of types of simulated phishing communications (email, text or SMS message, phone call or Internet based communication) and at least a portion of the content for the simulated phishing communication.

Abstract: Embodiments disclosed describe a security awareness system may adaptively learn the best design of a simulated phishing campaign to get a user to perform the requested actions, such as clicking a hyperlink or opening a file. In some implementations, the system may adapt an ongoing campaign based on user's responses to messages in the campaign, along with the system's learned awareness. The learning process implemented by the security awareness system can be trained by observing the behavior of other users in the same company, other users in the same industry, other users that share similar attributes, all other users of the system, or users that have user attributes that match criteria set by the system, or that match attributes of a subset of other users in the system.

Abstract: A system and method is described that sends multiple simulated phishing emails, text messages, and/or phone calls (e.g., via VoIP) varying the quantity, frequency, type, sophistication, and combination using machine learning algorithms or other forms of artificial intelligence. In some implementations, some or all messages (email, text messages, VoIP calls) in a campaign after the first simulated phishing email, text message, or call may be used to direct the user to open the first simulated phishing email or text message, or to open the latest simulated phishing email or text message. In some implementations, simulated phishing emails, text messages, or phone calls of a campaign may be intended to lure the user to perform a different requested action, such as selecting a hyperlink in an email or text message, or returning a voice call.

Abstract: Embodiments disclosed herein describe a server, for example a security awareness server or an artificial intelligence machine learning system that establishes a risk score or vulnerable for a user of a security awareness system, or for a group of users of a security awareness system. The server may create a frequency score for a user, which predicts the frequency at which the user is to be hit with a malicious attack. The frequency score may be based on at least a job score, which may be represented by a value that is based on the type of job the user has, and a breach score that may be represented by a value that is based on the user's level of exposure to email.

Abstract: The present disclosure describes systems and method for performing a vulnerabilities assessment of an organization. A campaign controller executes one or more simulated phishing campaigns directed to a plurality of users of an organization, using a plurality of models determined by the campaign controller based at least on identification of the organization. The campaign controller stores to a database the results of execution of the one or more simulated phishing campaigns and based on the results, the campaign controller determines one or more vulnerabilities to phishing for the organization. In one embodiment, the campaign controller determines a percentage of the plurality of users of the organization that are phish-prone. In some embodiments, the users of the organization that are phish-prone interacted with a link of a simulated phishing communication.

Abstract: Systems and methods, disclosed herein, of a campaign controller that stores information to a database about execution of multiple simulated phishing campaigns for multiple users, where each of the simulated phishing campaigns use one or more models for communicating simulated phishing communications. Based on this information, the campaign controller may determine a rate of success of the model, in causing a user to interact with a link in one of the simulated phishing campaigns, and may display the model's rate of success via a user interface.

Abstract: A system and method is described that sends multiple simulated phishing emails, text messages, and/or phone calls (e.g., via VoIP) varying the quantity, frequency, type, sophistication, and combination using machine learning algorithms or other forms of artificial intelligence. In some implementations, some or all messages (email, text messages, VoIP calls) in a campaign after the first simulated phishing email, text message, or call may be used to direct the user to open the first simulated phishing email or text message, or to open the latest simulated phishing email or text message. In some implementations, simulated phishing emails, text messages, or phone calls of a campaign may be intended to lure the user to perform a different requested action, such as selecting a hyperlink in an email or text message, or returning a voice call.

Abstract: Embodiments disclosed herein describe a server, for example a security awareness server or an artificial intelligence machine learning system that establishes a risk score or vulnerable for a user of a security awareness system, or for a group of users of a security awareness system. The server may create a frequency score for a user, which predicts the frequency at which the user is to be hit with a malicious attack. The frequency score may be based on at least a job score, which may be represented by a value that is based on the type of job the user has, and a breach score that may be represented by a value that is based on the user's level of exposure to email.

Abstract: Emboiments disclosed herein describe a server, for example a security awareness server or an artificial intelligence machine learning system that establishes a risk score or vulnerable for a user of a security awareness system, or for a group of users of a security awareness system. The server may create a frequency score for a user, which predicts the frequency at which the user is to be hit with a malicious attack. The frequency score may be based on at least a job score, which may be represented by a value that is based on the type of job the user has, and a breach score that may be represented by a value that is based on the user's level of exposure to email.

Abstract: Embodiments disclosed herein describe a server, for example a security awareness server or an artificial intelligence machine learning system that establishes a risk score or vulnerable for a user of a security awareness system, or for a group of users of a security awareness system. The server may create a frequency score for a user, which predicts the frequency at which the user is to be hit with a malicious attack. The frequency score may be based on at least a job score, which may be represented by a value that is based on the type of job the user has, and a breach score that may be represented by a value that is based on the user's level of exposure to email.

Abstract: Systems and methods, disclosed herein, of a campaign controller that stores information to a database about execution of multiple simulated phishing campaigns for multiple users, where each of the simulated phishing campaigns use one or more models for communicating simulated phishing communications. Based on this information, the campaign controller may determine a rate of success of the model, in causing a user to interact with a link in one of the simulated phishing campaigns, and may display the model's rate of success via a user interface.