Preventing phishing clicks through behavior change – here’s how Smartphoto does it
Smartphoto is an e-commerce company offering photo printing services across 12 European countries. Among the many emails processed daily by their customer service team, phishing attempts are a frequent threat – one of which unfortunately resulted in a successful ransomware attack in the past. This made a specialised Security Awareness Training essential for all 180 employees – a challenge easily handled by the Phished platform.
Why Smartphoto trusts Phished
“These days, more and more companies are falling victim to ransomware. At the same time, we’re seeing phishing attacks happen more frequently too,” says Jo Van Maldeghem, IT Operations at Smartphoto. After a year of working with the Phished platform, the impact is crystal clear: “Employees are much more alert to phishing attempts. Our phishing rate dropped from 40.5% to below 5% – a clear sign that behavior is changing.”
Victim to ransomware
Before partnering with Phished, Smartphoto’s IT department ran occasional manual phishing simulations – but these quickly proved insufficient to truly educate employees.
In the recent past, Smartphoto fell victim to a ransomware attack. While the issue was swiftly resolved, it served as a wake-up call. It became clear that employees needed more structured, ongoing training to recognize phishing emails and prevent future incidents.
Smartphoto reached out to several security awareness providers, but one stood out.
“We chose a specialized company that focuses almost entirely on anti-phishing,” says Jo Van Maldeghem. “With many competitors, that’s just a small part of their overall offer – but Phished puts it front and center.”
Users have become much more alert to potential phishing emails. We see that the phishing rate has dropped from 40.5% to 4.5%.
Generic mailings without results
This completely transformed Smartphoto’s approach. The IT department’s manual email campaigns were discontinued. Instead, employees now benefit from a holistic learning experience where theory is seamlessly combined with practical application. Real-life phishing simulations are interspersed with short training sessions in the Phished Academy—significantly boosting awareness of security risks.
The platform also offers clear reporting, enabling close monitoring of ROI and allowing timely, targeted action where needed.
Great results
“We are very satisfied with the results of the Phished Security Awareness Training. The numbers are encouraging, and we’ve seen that employees are more aware of phishing threats and better prepared to handle them,” says Jo Van Maldeghem.