Introduction
Welcome to PhishSpot, a comprehensive phishing simulation and security awareness training platform. This manual covers all features available to account admins. It is designed for non-technical users and walks through every section of the platform step by step.
PhishSpot allows your organization to run realistic phishing campaigns, track employee responses, deliver security awareness training, and measure your team’s resilience to social engineering attacks over time.
1.1 What Is PhishSpot?
Section titled “1.1 What Is PhishSpot?”PhishSpot is a SaaS platform that helps organizations test and improve their employees’ ability to recognize phishing emails. As an admin, you can create simulated phishing campaigns that mimic real-world attacks, send them to your team, and then track who opened the email, who clicked the link, and who submitted sensitive information on a fake landing page. After a click, employees can be redirected to a training course to improve their awareness.
1.2 Who Is This Manual For?
Section titled “1.2 Who Is This Manual For?”This manual is written for account-level admins. If you have the Admin role on your team, you have full access to all features described in this guide: managing campaigns, contacts, templates, domains, courses, team members, reports, and account settings.
1.3 User Roles Overview
Section titled “1.3 User Roles Overview”PhishSpot uses three user roles within each account. Your role determines what you can see and do:
| Role | Access Level | Key Permissions |
|---|---|---|
| Admin | Full access | Everything: campaigns, contacts, templates, team management, account settings, domains, courses, media, webhooks, reports |
| Editor | Content access | Campaigns, contacts, courses, templates, media, reports. Cannot manage team members or account settings |
| Member | Read-only | Can view campaigns, contacts, and reports but cannot create or modify anything |