Post-simulation follow-up & training
Post-Simulation Follow-up is the campaign builder step that decides what happens after a simulated call resolves. Instead of one shared "success" and one shared "vulnerable" email, each of the four outcome groups, Phished, Detected, No answer, Couldn't connect: gets its own follow-up email, so each result gets a fitting response. A per-outcome engine executes this at call time, records what fired on the target's timeline, and is idempotent so a redelivered call event never double-sends.
Prerequisites
- A campaign scenario and target audience already set up in earlier builder steps (see Create & launch a vishing campaign).
- Nothing else to provision, sensible defaults apply automatically to a brand new campaign, so this step is optional to touch at all.
- For the in-call debrief and EU AI Act disclosure options surfaced on this step, see their own pages: In-call education and EU AI Act disclosure.
How to use it
- Open Post-Simulation Follow-up in the campaign builder. The outcome board shows four cards in two groups, "Answered" (Phished, Detected) and "Not answered" (No answer, Couldn't connect), each showing whether a follow-up is currently configured.
- Click a card to open its configuration drawer, then choose Do nothing or Send training for that outcome.
- If you choose Send training, pick the delivery channel. Email delivers today; Slack and Teams appear as options marked coming soon.
- Edit the email directly in the live preview, click the subject, heading, body, or call-to-action text to change it in place.
- Use the language selector to preview the email in Spanish, French, or German, and click Translate with AI (or Re-translate) to generate or refresh that language's copy. Edits are always made on the English original; translations are read-only previews.
- For the two "Answered" outcomes, optionally turn on Educate on the call to have the AI deliver a debrief before hanging up, see In-call education for the modes.
- At the bottom of the board, configure the EU AI Act disclosure notice if your audience includes EU targets, see EU AI Act disclosure.
- Continue through the builder and launch. Your choices are saved with the campaign and apply the moment a call resolves to that outcome.
Configuration & options
| Option | What it does | Default | Notes |
|---|---|---|---|
| Phished, action | Send/skip a follow-up when the target went along with the call | Send training (remediation email) | |
| Detected, action | Send/skip a follow-up when the target pushed back | Send training (positive-reinforcement email) | |
| No answer, action | Send/skip a follow-up when the line wasn't answered | Send training (security-exercise notice) | Toggling this bucket also switches voicemail, call-screened, and busy calls together, see Gotchas. |
| Couldn't connect, action | Send/skip a follow-up when the call never connected | Do nothing | Covers failed, invalid-number, and carrier-rejected calls together. |
| Channel | Where the follow-up is delivered | Email delivers today; Slack and Teams appear as options marked coming soon. | |
| Email content | Subject, heading, body, call-to-action, call-result line/tone, footer, CTA note | Built-in English copy per bucket | Directly editable inline; supports {{first_name}}, {{organization_name}}, {{security_contact}} tokens filled in at send time (an unrecognized token is left as-is). |
| Language preview | English (authored) plus AI-translated Spanish/French/German | English | The recipient's email follows the campaign's call language, falling back to English if that language hasn't been translated yet. |
| Educate on the call | In-call debrief mode for Answered outcomes | Off | See In-call education. |
| EU AI Act disclosure | Post-call disclosure notice for EU targets | Off | See EU AI Act disclosure. |
Gotchas & limitations
- The four cards are coarser than the underlying model. The engine tracks nine raw call outcomes, but the board only exposes four buckets. Turning "No answer" on or off changes all four of its raw outcomes (no-answer, voicemail, call-screened, busy) together, and "Couldn't connect" changes all three of its raw outcomes (failed, invalid-number, carrier-rejected) together; you can't currently give voicemail a different action than a plain no-answer.
- "No answer" sends an email by default. Unlike the old binary success/vulnerable model, a new campaign's "No answer" bucket ships turned on (a security-exercise notice); this is an intentional behavior change, not a bug, so don't be surprised the first time you see it.
- Follow-ups fire once, even on retries. Each call carries a "follow-up already sent" marker, so replaying the same call-finished event will not send a second email or duplicate timeline events. A send failure is logged and simply leaves that marker unset for a later retry; it never blocks the call's outcome from being recorded.
- Translations are read-only, generated from the English original. You can't hand-edit the Spanish/French/German copy directly, re-running "Translate with AI" regenerates it from whatever the English version currently says, so edit English first.
Troubleshooting / FAQ
Why did a target get an email even though I never configured anything for this campaign? A campaign with no stored follow-up configuration still resolves to the signed-off server defaults, Phished and Detected send training emails, and No answer now also sends a security-exercise notice by default. Only "Couldn't connect" and outcomes like busy are off by default.
Can I make voicemail behave differently from a plain no-answer? Not from this step. The board edits the four buckets, and each bucket applies its action uniformly to every raw outcome it covers.
I resent/retried a call, did the target get two emails? No. The engine only sends once per call; a redelivered webhook is a no-op for an already-processed call.
Which channels deliver follow-ups today? Email is the delivered channel. Slack and Teams appear as options marked coming soon.
What happens to campaigns created before this redesign? Their existing follow-up copy was migrated automatically into the new per-outcome model (their old "vulnerable" copy became the Phished bucket, their old "success" copy became the Detected bucket); no manual re-authoring was required, and they keep sending without interruption.