ScamDrill
Security Awareness Training That Actually Works
Start new thread
Justin Fernandez

ScamDrill - Security Awareness Training That Actually Works

by
Safe, realistic scam simulations for the people you want to protect. At home: train teens, aging parents, and your whole family to spot phishing, IRS scams, Discord cons, and grandchild emergencies. At work: run adaptive, audit-ready phishing simulations across 100–10,000 seats with SOC 2 / ISO / HIPAA reporting and SSO. Friendly debriefs, streaks and achievements, AI second-opinion email checking. Free forever for 1 learner. Org plans from $1,499/yr.

Add a comment

Replies

Best
Justin Fernandez
Maker
📌
Hey Hunters — Justin here, founder of ScamDrill. Launching **ScamDrill for Organizations** today: a phishing simulation and security awareness platform built for the SMBs and mid-market teams that the enterprise category has been pricing out for a decade. **Why we built it** If you run security or IT at a 50–2,500-person company, you've probably been stuck between two bad options: 1. Annual "click-through" compliance training that everyone speeds through and forgets by next week. Satisfies the auditor, does nothing for click rates. 2. Legacy enterprise platforms that cost $5–10/seat/month, require a sales call, and assume you have a full-time security awareness program manager. You don't — you're already wearing five hats. Phishing is still in 36% of breaches (Verizon DBIR 2025) and the average phishing breach now costs $4.8M (IBM Cost of a Data Breach 2025). The tooling that matches the threat shouldn't be reserved for the Fortune 1000. **What's different** - **Adaptive per-employee training.** Most platforms send the same template to everyone on a calendar. ScamDrill tunes per-employee — Finance gets more BEC drills, Engineering gets more credential-harvesting drills, strong performers auto-graduate to harder tiers. Three difficulty levels, per-tactic mastery heatmap, all automatic. - **Engagement built in.** Streaks, eight achievement badges, tactic mastery, and a monthly admin digest are standard on every plan — not a premium upsell. - **AI scam detection bundled.** Employees forward suspicious mail to `check@scamdrill.com` for an instant risk score and red flags. A real defensive tool living alongside the simulator. - **Audit reports on every paid plan.** SOC 2, ISO 27001, HIPAA, and PCI-DSS-ready CSV exports start at the $1,499/yr Team plan — not gated to the top tier. - **Self-serve and transparent.** Public pricing, online signup, first campaign live within the week. From $1.25/seat/mo at 100 seats down to $0.58/seat/mo at 10,000. **What I'd love from PH today** - If you've stood up a phishing program at an SMB or mid-market company, tell me what worked and what didn't. - If you're shopping this category right now, tell me what's making you hesitate — pricing, deployment lift, content quality, integrations. I'll answer everything in the thread. - If you spot something on the site that doesn't land, say so. I'd rather hear it from PH than from a churning customer six months from now. Thanks to everyone who helped push this across the line. — Justin [scamdrill.com/corporate](https://scamdrill.com/corporate)