Empower your users in the fight against malware: Register for our Webinar on June-29th!

Buy a Mock Phish or an IT-Sec Awareness Training for just 1800 Dollars!

Buy educational Phishing campaigns or IT-Awareness trainings for yourself or your clients directly from LUCY!  Define your requirements and we will set up a service based on one of our existing LUCY attack / training templates.

You can buy LUCY educational social engineering services in our shop: Trainings, Phishing and more!We will set up and prepare a mock phish campaign or an awareness training based on your requirements and based on one of our existing templates.

This includes individual templating: Depending on your needs we will configure a Phishing, SMiShing, filebased,  a “Bad Media” (USB/DVD/CD) Attack or an Security training   The configuration of LUCY Server including server configuration tasks is part of the service as well.

Of course we will execute the campaign for you or you can start it yourself.

Debriefing is included – After successful completion we’ll support you in interpreting the campaign results.

You’ll get everything for $ 1800 USD! If you buy a bundle (phishing simulation and awareness training together) you get even a lower price – In this case you’ll have to pay just $ 3000. It has never been so easy to buy Phishing Simulations!

Buy Phishing – What’s in the package?

  • Requirements engineering with customer
  • Configuration of the Campaign
  • Domain reservation and configuration (if needed)
  • User Management and Import (if needed)
  • Templating:  Setting up an appropriate Attack / Awareness Scenario based on a existing LUCY Template*
  • Up to 4 Iterations for refinement
  • Detailed reporting after the campaign
  • Support while campaign execution

* provided by certified Partner or LUCY. The campaign services are dedicated to owners of a commercial edition.

No projects, no long lasting preparations, no hidden costs! Get supreme content from the product leader!

LUCY – We make cyberprevention and simulated internet attacks affordable to everybody!


LUCY Email Risk Score - Visualization how risky emails are

The automated LUCY E-Mail Risk Score

Simplified detection of dangerous emails and massive relief of the security team. The LUCY Email Risk Score as the defining feature of the Threat Analyzer module.

The “Cisco 2017 Annual Cybersecurity Report“, makes it clear: “…In many cases, their security teams can investigate only half the security alerts they receive on a given day.” This is where the Threat Analyzer provides a remedy and relieves the security team of routine work! Why? – Because users can now have suspicious mail in your inbox checked by LUCY.

Threat Analyzer & Email Risk Score – How it works: LUCYs  Threat Analyzer module allows efficient threat management and risk analysis of e-mails who have been submitted by users using the Phishing Incident Plugin for MS-Outlook. The LUCY Risk Score is calculated by the LUCY Server: Internal databases and predefined, custom IT security rules are combined with external threat information. This results in the world’s first multi-level analysis algorithm and of the visualization  of a particularly meaningful key figure – the LUCY Mail Risk Score. First, the header data of the message is inspected. This is followed by the investigation of the message body. Subsequently, the trustworthiness of the sender as well as of the dispatch route are checked and finally the internal security rules are applied. The results are shown in a comprehensive KPI:

LUCY Email Risk Score - Visualization how risky emails are

In short: Users can submit suspicious / risky emails using the phishing incident plugin for Outlook. The mail is delivered to the LUCY Threat Console. Then the Treat Analyzer starts the work with:

  • Header Analysis
  • Domain Analysis
  • Body Analysis
  • Application of custom, predefined rules.

And then everything is visualized in the Email Risk Score!

A part of the LUCY Threat Analyzer & Incident Console

The described functionality is an integral part of the LUCYs Threat Analyzer, which is available in the LUCY “Business Edition” and higher versions.

Cyberprevention using LUCYs Threat Analyzer - Domain Analysis determs e-mail risk

Threat Analyzer as part of the Incident Console – Domain analysis helpst to determ the E-Mail Risk

Neoteric is a LUCY Security Partner in Great Britain

Neoteric Networks UK is a certified LUCY Ecosystem Partner

We are delighted that Neoteric Networks UK has become a LUCY Value Added Reseller!

Neoteric is a LUCY Security Partner in Great BritainCybersecurity is taken very seriously in the United Kingdom. This leads to a high quality standard throughout the market and to a great interest for our LUCY Server.

In the short time since the end of the partnership agreement, Neoteric Networks has already proved its competencies. We are looking forward to this great partnership!

“LUCY fits in exactly where we need it to, helping our customers raise awareness through simulated attacks and delivering the training to where it is needed most. With ever increasing sophisticated attacks from Hackers it is proving an invaluable tool.” says Rebecca Lee, Director Neoteric Networks”.

LUCY Security is a Swiss company, with customers in over 50 countries. The product, LUCY-Server, enables companies to be able to implement realistic cyberattacks simulations for testing purposes, since 2015. At the same time, customized security awareness programs and early warning systems can be used to increase cyber security for employees. The LUCY Server also performs the first-time cyber prevention in the form of a standardized product that is affordable for everyone. In addition customers are given the opportunity to test and improve their IT security, even without special know-how. Contact LUCY here.

Neoteric Networks delivers a comprehensive approach to Cyber Security. With Digitization, Cloud and the blurring of network borders, Cyber Security needs to help shape your business strategies and avoid any malicious attacks. Learn how Neoteric Networks and LUCY Security can reduce your attack surface whilst raising awareness. Contact Neoteric here.

More inquiries: Palo Stacho, co-founder, palo (a t) lucysecurity (d ot) com | LUCY Phishing GmbH | Seestrasse 13 | 8800 Thalwil | Switzerland

The Google Docs Phishing Scam as Mock Phish Scenario

The Google Docs Phishing Attack was highly efficient in the wild. LUCY delivers a Mock Phish scenario based on this attack. The scenario has functions that are not possible with competing products.

The Google Docs Phishing scam in May 2017 was a really efficient one. The google docs phish affected 0.1% of the gmail users. So 1 million accounts (out of approx 1 billion) were affected. That’s why we delivered such a mock phish scenario in LUCY Server:

Google Docs Phishing Scheme as TemplateThe Goggle Docs Phishing SimulationSomeone has shared a document on Goggle Docs with the recipient. This attack template offers a web based login and a download section for a Office-Document with a Macro. The download can be tracked and the Macro additionally reports back to LUCY upon opening.

We’re especially proud of this scenrio not only because it reflects the latest attack. The special thing is that

a.) It goes a step further than the real attack: It contains a custom word file which is compiled in LUCY. And

b.) LUCY-Server is able to track more risk levels than any other competitor product:

  • Link click
  • Submitting credentials
  • Downloading Document
  • Opening Document (Other solutions cannot track this 😉 )

About: LUCY-Security is a Swiss company with customers in more than 50 countries. Its product LUCY Server allows companies to perform realistic cyber attack simulations. At the same time, customized awareness programs and incident alerting tools can be used to increase cyber security. For the first time, the LUCY server makes cyber prevention in the form of a standardized product affordable for all. Customers can now test and improve their IT security without special knowledge! For more information please call Palo under +41 44 557 19 37 or write him a mail under palo (a t) lucysecurity (d ot) com. Thank you.


LUCY Server Overview Two Pager

LUCY Two Pager 2017

All you need to know about LUCY Server on one sheet of paper. The Two Pager Overview for LUCY V 3.4.


LUCY Server Overview Two Pager


The functionality of the Cyber Prevention and Training Server is displayed on a single page using a simple feature list. Explore the full functionality of LUCY Server in a compressed form.



Lucy 3.5 is out

Meet new Lucy 3.5! This version covers mainly internal updates not really visible to the user. Nevertheless we strongly recommend to update immediately to Version 3.5 because of the improved security. You can download VMware ESXi, VMware Workstation, VirtualBox images and Linux installer script on Lucy website, or use a pre-configured AMI on Amazon EC2 instance (search for “lucy” in Community AMIs when creating an instance). If you are using a commercial license, you can update the system through the “Update” section in Lucy. Please make sure you have no active campaigns running before updating Lucy!

Update notes:

  • New report variables
  • Paid sources for recipient search
  • Global benchmark stats
  • White labeling options
  • Security enhancements (AES256 encryption instead of the old AES128, password salt improvements)
  • Notification of expiring domains & VPS
  • LDAP improvements (multiple DC and SSL support)
LUCY Security and Palo Stacho Handelszeitung

Hot topic WannaCry: Significant response to LUCY in the Swiss business and Sunday press

Zürich-Thalwil, 20. Mai 2017 – The global WannaCry attack has put the issue of ransomware and malware countermeasures in the public focus. LUCY is now acknowledged in the leading media of the Swiss press as one of the pillars in the fight against cycled crime!

The economic crime now takes place in Cyberspace. This has now become clear to all. The most important point of defense as well as attack are the people, whether as an employee or private individual.

In the past, safety systems and large companies were the focus of attention. People were neglected and the SMEs were not yet interesting for the criminals. That has changed, even before WannaCry small companies have been increasingly blackmailed with Ransomware. In the meantime the ransom came down to about 600 USD / 400 EUR. This is a price the small companies can pay. Now the first background reports on the cybercrime wave 2017 were published in the Swiss press: The “Handelszeitung” on 18 May and  the “Schweiz am Wochenende” on 20 May 2017 published long articles and both newspapers address exactly the above topics. We are very pleased that employee awareness and phishing simulations will be publicly addressed to the benefit of the employees!

Of course, we recommend the following articles (in German):


Was ist LUCY ?

About: LUCY-Security is a Swiss company with customers in more than 50 countries. Its product LUCY Server allows companies to perform realistic cyber attack simulations. At the same time, customized awareness programs and incident alerting tools can be used to increase cyber security. For the first time, the LUCY server makes cyber prevention in the form of a standardized product affordable for all. Customers can now test and improve their IT security without special knowledge!

For more information please call Palo under +41 44 557 19 37 or write him a mail under palo (a t) lucysecurity (d ot) com. Thank you.


Results from the Customer Survey 2017

Key findings: 84% of the participants recommend LUCY Security and two-thirds of the respondents are willing to call themselves publicly as a reference customer! And more than 70% of the participants are interested in a user group.

For us, it is also interesting that almost half of the submitted suggestions for improvement are already available as LUCY features.



In Feb / Mar 2017, clients of LUCY Security were asked to conduct a customer survey. The return rate was relatively high at 28.4%. The survey was conducted by the company itself on the basis of a short email questionnaire.

LUCY Security was not founded until 2015. The fact that such a young and still small cyber security product manufacturer gets so good grades after such a short time is evidence of the quality of the product and suggests that Swissness is also a not to be underestimated competitive factor.

Furthermore, the results are amazing, because the IT security industry is known for its secrecy. The high popularity rates for a public user group suggest a rethinking in the market that cyber crime can only be fight and confined together. Secrecy is detrimental to the security of the company on the Internet!


Phishing Incident Plugin for Outlook - LUCY Server

Our Phishing Incident Button is now available Everywhere!

LUCY Phishing Incident Plugin allows an easy and fast response to ongoing threats. Because it’s a highly beneficial feature for companies of all sizes we decided to make it available to ALL commercial editions of LUCY. Already for 350$ / Year you get an unlimited alert feature for your company!

Report scams with the phishing button from LUCY Security

Phishing Incident Plugin for MS-Outlook available everywhere

The plugin allows an immediate response to running cyber attacks. Because it’s such a powerful and valuable feature also for smaller companies we decided to make the functionality available to all commercial editions of LUCY Server. Already for 350 dollars you have the possibility to introduce a company-wide cyber alert-system in the enterprise. And without user limitations! Read more about our Phishing Button here.


More sophisticated functionality like the Threat Console or the “LUCY Risk Score” remain designated to the higher editions. If you want to discover more about these features read our post we have written for the launch of LUCY V3.4.


LUCY – We make cyberprevention and simulated Internet Attacks affordable and available to everybody!