Can I replicate a real phish and then publish it as a simulation?

Yes, if you have received a genuine phishing email into your organisation, you can then replicate and publish this as a phishing simulation. 

This can be a very powerful learning opportunity for your end users when the results of your simulation are shared internally. 

  • First of all, to replicate the genuine phish email, follow the steps within article: Creating your own Phish Template
  • Next, click on Source and paste the HTML Source Code for your phishing email.


  • Select the 'Source' button again, and your phish will now appear within the email body, where it can be further customised as required.
  • You can also choose to expand this simulation by creating your own custom Learning Experience that highlights those red flags within the email that make it identifiable as a phish. If you wish you do this, please follow the steps within article: Can I upload my own Learning Experiences?
Back to all articles