Phishing Simulations: Better Than Theory

5 min read

Phishing causes billions in damages to companies every year. According to Bitkom, total losses from cyberattacks on German companies amounted to €203 billion in 2022. In 2024, 94 percent of all companies fell victim to at least one phishing attack. Traditional training programs have proven largely ineffective. An alternative is offered by msecure, a subsidiary of the synaforce Group, which simulates real-world phishing scenarios during regular business operations.

Key Takeaways

94 percent of companies fell victim to phishing attacks in 2024 (Keepnet Labs, 2025).
AI-generated phishing emails achieve a 54 percent click-through rate, compared to just 12 percent for manually crafted messages.
In March 2024, synaforce received BSI C5 certification for cloud services, specifically tailored for critical infrastructure customers.
The NIS2 Implementation Act has been legally binding in Germany since December 6, 2025. Registration with the BSI became mandatory starting January 2026.
A strategic partnership with TEHTRIS delivers an AI-powered XDR platform for MSPs and enterprises.

94 %

of companies were targeted by at least one phishing attack in 2024

Source: Keepnet Labs, Phishing Statistics 2025

What is Phishing simulations?

Phishing simulations is a concrete priority for companies in 2025 because it directly shapes scalable data center capacity, energy efficiency and compliance. This article uses synaforce as an example to show which requirements, figures and operational steps matter in practice.

Why Does Phishing Remain Dangerous?

Obtaining access credentials through fake emails remains one of the most significant entry points for cybercriminals into German companies. In 2024, approximately 20 percent of all emails worldwide contained phishing or spam content. Between three and four billion phishing emails are sent daily. According to Bitkom, the total damages caused by cyberattacks on German businesses-ranging from password theft to ransomware-amounted to 203 billion euros in 2022.

Much like spam, phishing aims to defraud victims: deceptively authentic emails, messages, AI-generated calls, or websites trick recipients into disclosing user and account information.

In the past, phishing emails could often be identified by awkward wording or errors in the subject line. However, that is no longer the case, especially since the advent of trainable AI models such as ChatGPT. According to recent analyses, AI-generated phishing emails achieve a click-through rate of 54 percent, compared to just 12 percent for manually crafted ones. Moreover, detecting them via cryptic URLs has become increasingly difficult: who would notice .co for Colombia instead of .com, or the substitution of “r n” for “m” in “rnicrosoft.com”?

It is precisely this ability to recognize such threats that employees must develop, emphasizes Götz Blechschmidt, Managing Director of the IT security consultancy msecure, a subsidiary of the synaforce Group.

“The threat landscape was already immense in 2024, and it is unlikely to improve in 2025. Our collective resilience will be crucial in addressing these ever-more complex dangers.”
Andreas Braidt, CEO of synaforce GmbH

Frequently Asked Questions

What makes phishing so dangerous today?

Phishing attacks are dangerous because they exploit human psychology to trick individuals into revealing sensitive information, such as login credentials. With the rise of AI-generated phishing emails, these attacks have become more convincing and harder to detect, making them an even greater risk for organizations.

How can companies protect themselves against phishing?

Companies can protect themselves by implementing multi-layered security measures, including employee training on recognizing phishing attempts, deploying advanced email filtering systems, and regularly updating cybersecurity protocols. Additionally, fostering a culture of vigilance and continuous learning is essential to mitigate risks.

What role does AI play in modern phishing attacks?

AI plays a significant role in modern phishing attacks by enabling the creation of highly realistic and personalized phishing emails. These AI-generated messages are designed to bypass traditional detection methods, increasing their success rate and posing a serious challenge to cybersecurity defenses.

How do phishing attacks impact businesses financially?

Phishing attacks can lead to substantial financial losses for businesses, including direct costs such as ransom payments, indirect costs related to system downtime, and long-term damage to reputation. In Germany alone, cyberattacks resulted in 203 billion euros in damages in 2022, highlighting the severe economic consequences of these threats.

Effectively Complement Traditional Training

The goal of data protection training, such as that offered by msecure, is to raise employees’ awareness about handling emails with caution. Participants learn what to look out for and which links they should never click. However, given the sheer volume of information employees are bombarded with in their daily work, traditional training measures often have only a short-term impact.

msecure therefore relies on simulating real phishing scenarios during regular business operations. Instead of theoretical lectures, employees experience realistic attacks within their own work environment. Anyone who clicks on a simulated phishing email immediately receives an explanation of how they could have recognized the forgery. This practice-oriented training promises more direct and lasting awareness than conventional training formats.

synaforce 2024: Setting New Standards in IT Security

In 2024, synaforce took decisive steps to strengthen its position as a provider of advanced IT security solutions. A central milestone was achieving C5 certification from the BSI (Federal Office for Information Security) in March 2024. This certification confirms that synaforce’s cloud services meet the highest security standards and are specifically suitable for customers in critical infrastructure sectors (KRITIS).

Furthermore, synaforce strategically prepared for the implementation of the NIS2 Directive. The company’s existing certification base, which includes ISO/IEC 27001, ISAE 3402, and EN 50600, was further strengthened by the C5 certification. Since December 6, 2025, the NIS2 Implementation Act has been binding in Germany. As of January 2026, affected entities are required to register with the BSI.

Modern data center with illuminated server aisles – article about phishing simulations and synaforce, section 1

Tobias Lehner, CTO of synaforce GmbH. Image source: synaforce GmbH.

“We are proud of what we achieved in 2024. However, the current threat landscape demonstrates how crucial it is to consistently expand our capabilities. 2025 will be another year of progress for us, during which we will further intensify our commitment to cybersecurity,” says Tobias Lehner, CTO of synaforce.

Strategic Partnership with TEHTRIS

Another highlight was the strategic partnership with TEHTRIS. Together, both companies present the TEHTRIS XDR AI PLATFORM, an AI-powered security solution. It monitors all endpoints, networks, and cloud services in real time and centrally manages all security measures through a dashboard. Companies benefit from comprehensive protection, compliance security, and the modularity of the solution. Managed Service Providers can increase the efficiency of their security measures and expand their portfolio with proactive Managed Detection and Response (MDR) without having to invest in expensive infrastructures themselves.

What awaits companies in 2025 and 2026

The IT security landscape presents growing challenges for companies. Cybercriminals are increasingly using deepfake technologies to bypass voice recognition systems in verification processes. Identity attacks are becoming the preferred method: instead of hacking systems, attackers simply log in.

In addition, Advanced Persistent Threats (APTs) are increasingly returning to the spotlight. These are characterized by their longevity and precision, allowing attackers long-term access to valuable information. The targets are increasingly KRITIS companies, which are additionally exposed due to the growing OT attack surface.

Modern data center with illuminated server aisles – article about phishing simulations and synaforce, section 2

Andreas Braidt, CEO of synaforce GmbH. Photo source: synaforce GmbH.

“The implementation of the NIS2 Directive plays a crucial role. synaforce actively supports companies with comprehensive consulting as well as the planning and implementation of targeted measures to minimize cyber risks and establish sustainable security strategies,” says Andreas Braidt, CEO of synaforce.