Preventing phishing clicks through behavior change – here’s how Smartphoto does it

“These days, more and more companies are falling victim to ransomware. At the same time, we’re seeing phishing attacks happen more frequently too,” says Jo Van Maldeghem, IT Operations at Smartphoto. After a year of working with the Phished platform, the impact is crystal clear: “Employees are much more alert to phishing attempts. Our phishing rate dropped from 40.5% to below 5% – a clear sign that behavior is changing.”

Before partnering with Phished, Smartphoto’s IT department ran occasional manual phishing simulations – but these quickly proved insufficient to truly educate employees.

In the recent past, Smartphoto fell victim to a ransomware attack. While the issue was swiftly resolved, it served as a wake-up call. It became clear that employees needed more structured, ongoing training to recognize phishing emails and prevent future incidents.

Smartphoto reached out to several security awareness providers, but one stood out. 
“We chose a specialized company that focuses almost entirely on anti-phishing,” says Jo Van Maldeghem. “With many competitors, that’s just a small part of their overall offer – but Phished puts it front and center.”

This completely transformed Smartphoto’s approach. The IT department’s manual email campaigns were discontinued. Instead, employees now benefit from a holistic learning experience where theory is seamlessly combined with practical application. Real-life phishing simulations are interspersed with short training sessions in the Phished Academy—significantly boosting awareness of security risks.

The platform also offers clear reporting, enabling close monitoring of ROI and allowing timely, targeted action where needed.

“We are very satisfied with the results of the Phished Security Awareness Training. The numbers are encouraging, and we’ve seen that employees are more aware of phishing threats and better prepared to handle them,” says Jo Van Maldeghem.