PhishTrainer is a Swiss phishing simulation product from bexxo, aimed at SMEs. Based on the crawled content, its main purpose is to help companies run realistic phishing simulations, measure how employees respond in phishing scenarios, and strengthen staff security awareness. It is more of a security awareness training and behavior assessment tool than a traditional email gateway, EDR, or vulnerability protection product.
Based on the information disclosed so far, PhishTrainer is built around a “simulate—measure—improve” loop: it runs realistic phishing exercises, observes whether employees click links, submit information, or engage in other risky behavior, and then uses the results to improve vigilance. Its target segment is clearly SMEs, which often lack large security teams and need lightweight tools for building security awareness. However, the source text does not specify whether it provides an admin console, automated reports, group-based campaigns, employee training content, alert notifications, or multilingual templates. As a result, its management and alerting capabilities can only be confirmed at the level of “measuring employee responses.”
The current text does not disclose the deployment model, so it is unclear whether PhishTrainer is delivered as SaaS, self-hosted software, or a hybrid deployment. There is also no mention of compliance certifications or data processing details such as GDPR, ISO 27001, or SOC 2. For a phishing simulation platform, employee email addresses, click behavior, and training records may all involve sensitive data, making compliance and data residency important factors in procurement decisions. Its integration capabilities are also not disclosed, including whether it supports Microsoft 365, Google Workspace, SSO, directory synchronization, or integrations with security platforms.
The crawled content does not include pricing, plans, trials, or per-user billing information, so its actual value for money cannot be determined. Given its SME positioning, transparent and low-barrier pricing would better match its target customers if offered later. With the currently limited information, however, its value for money can only be rated as average.
Its strengths are clear positioning, a focus on phishing simulation for SMEs, and an emphasis on realism and measuring employee responses. Its Swiss background may also appeal to companies that care about the European privacy environment. The main weakness is the lack of public information, including pricing, deployment model, compliance, integrations, service support, and localization details. It is suitable for SMEs that want to start with basic phishing exercises and improve employee security awareness.
Access from mainland China is unknown, and there is no disclosed information on whether it supports RMB payments, domestic Chinese invoices, a Chinese interface, or Chinese phishing templates. If you require China compliance, local service, or stable access from within China, it is worth evaluating KnowBe4, Cofense, Hoxhunt, Proofpoint Security Awareness, or security awareness training and phishing simulation solutions from domestic Chinese security vendors as well.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on phishtrainer.com official site.
phishtrainer.com is an Switzerland Cybersecurity provider. TG4G tracks its product information, an overall rating of 7.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach phishtrainer.com directly.