Lucy Security's phishing simulation and security awareness training platform enables organizations to simulate attacker behavior to identify gaps in technical infrastructure and employee security awareness. The platform supports a broad range of attack simulation types including: - Portable media attacks (USB, SD card, CD-based file templates) - SMiShing (SMS-based phishing) - Data entry attacks (fake login/web pages to capture sensitive input) - Hyperlink attacks (randomized tracking URLs via email) - File-based attacks (malicious attachments: Office macros, PDFs, executables, MP3s) - Double barrel attacks (multi-email campaigns with a benign bait email followed by a malicious one) - Java-based attacks (trusted applet execution tracking) - PDF-based attacks (hidden executables or dynamic phishing links in PDFs) - Mixed attacks (combining multiple scenario types in one campaign) - Spear phishing simulations using dynamic variables (name, gender, division, country, etc.) Additional capabilities include: - A URL redirection toolkit to guide users to training content based on their actions - A website cloner for creating realistic landing pages - URL shortening integration for campaigns - DKIM and S/MIME support for signed phishing simulation emails - A data entry validation toolkit to filter false positives - A multilingual attack template library with 30+ languages and hundreds of predefined templates - Sector- and division-specific attack templates - Level-based phishing training to measure and quantify social engineering risk - Custom homepage creation for phishing domains - Attack URL variation controls (short, long, or individual per-user URLs)