KHIPU – Simulated Phishing

Home > Brokerage > Services & Consultancy > KHIPU – Simulated Phishing

This is a single supplier Jisc framework available to HEAnet, its member institutions and consumers of its services.

Services Available under Framework

The framework is with KHIPU for simulated phishing and associated awareness training framework is a key service that addresses the first and last layer of defense in any organisation – the users. The framework includes the following services:

  • Simulated Phishing Services: Customer-tailored phishing scenarios to identify the ‘risk factor’ and how vulnerable the organisation is to phishing attacks.
  • Infrastructure: Are email accounts and systems, as well as the perimeter security (e.g. spam and web filtering, firewalls etc) configured correctly or capable of protecting against a phishing attack?
  • Users: How many open phishing emails, click on URL links and share information via phishing websites? How many download attachments from unknown senders?
  • Processes: How do users / IT helpdesk departments etc react to phishing emails?
  • Devices: What operating systems, web browsers and plug-ins are being used – are they authorised or vulnerable?

Associated User Awareness and Training Services to raise awareness of cyber-attacks delivered via phishing emails, spam, social engineering attempts etc, to help prevent both the individual and organisation from being successfully attacked.

  • Awareness training customer portals: What is phishing, facts, statistics, how to identify, what to do, quizzes, training videos and interactive material
    Classroom training – Cyber security awareness: That covers all key areas on cyber security and phishing including
  • Cybersecurity 101, phishing: what is it, the facts and threats to your personal and work life, detection and avoidance, supported by cybersecurity awareness quizzes. The agenda has been designed for staff, both with and without extensive knowledge of IT.

Risk Assessment and Phishing Prevention Report created after each activity, highlighting the risk, all findings including comparisons from previous simulated phishing and training exercises (to measure the success), with recommendations for training, infrastructure configurations and solutions for on-going protection and prevention.


This agreement will expire on 10 April 2021.

More Detailed Information

KHIPU Networks. 15-Minute Webinar Series: Simulated Phishing and Associated Awareness Service Overview covers the following topics:

  • Latest Phishing Cyber Attacks
  • Overview of Simulated Phishing and Associated Awareness
  • Customer case studies
  • Real-life statistics showing how the service reduces the risk of phishing attacks
  • How to procure
  • Q&A

Full details are available via Jisc here.

For more information please contact