How many levels of difficulty are there for the phishing emails?
CyberNut currently uses five levels of difficulty, each designed to mirror real-world phishing sophistication and evolve with user skill.
Each level introduces new forms of realism, complexity, and attack psychology, ensuring that staff and students build lasting phishing-detection instincts.
| Level | Description |
| Level 1 | Non-personalized emails with obvious typos, poor grammar, and fake branding — very easy to spot. |
| Level 2 | Lightly personalized emails that still contain visual or linguistic errors and suspicious links. |
| Level 3 | Well-written, professionally branded phishing emails that appear legitimate and are trickier to identify. |
| Level 4 | Highly realistic spoofed login-page simulations that imitate trusted services and request user credentials. (Coming Q1 2026) |
| Level 5 | Sophisticated spear-phishing simulations using context-aware, AI-generated messages tailored to individuals or departments. (Coming Q2 2026) |
Each user’s difficulty level adjusts automatically based on performance:
- Reporting correctly → levels them up
- Clicking a phishing link → moves them down
Every individual follows a personalized learning path that continuously adapts to their progress.