For financial advisers

Phishing simulation built for the firm advising on your clients' retirement.

Vigil tests your team against client-portfolio impersonation, fake ASIC notices, SMSF rollover fraud, and the deepfake call from the principal redirecting a six-figure rollover to a different BSB. Then it scores everyone, trains the people who fail, and produces the report ASIC and your PI insurer want to see.

Start 30-day free trialSee how it works

30-day free trial · No IT team required · ASIC RG 271 + Essential Eight ready

The threats

The attacks financial advisers actually get.

Generic phishing training prepares your team for 2019. The attacks landing in your client-services inbox today are AI-personalised, time-pressured, and dressed up as ASIC, the ATO, your platform provider, or the client themselves. Here's what your team is up against.

Client portfolio impersonation

Spoofed email "from your client" asking to redirect their next pension drawdown to a different account. Your CSO assistant verifies via the email signature — which the attacker also wrote.

SMSF rollover fraud

A six-figure SMSF rollover request comes in from "the client." Bank details for the receiving fund are subtly off. Voice cloned from your podcast appearance confirms the change verbally.

Fake ASIC notice scams

"Your AFSL is under review — click here to respond within 48 hours." Looks like asic.gov.au. The senior adviser opens it because nobody wants an ASIC matter to escalate.

Platform login phishing

Fake login page for your investment platform. Pixel-for-pixel clone. Your para-planner enters credentials. The attacker now has client-level access for the next 30 days.

Why now

Annual training doesn't work. ASIC doesn't grade you on what your video covered last year.

Most financial-advice practices run security awareness once a year — a generic video and a tick-box quiz. That was fine before AI. Today's attackers personalise every message, clone the principal's voice from any podcast or webinar, and time their fraud for the highest-pressure rollover or insurance-claim moment. The gap between what your training covers and what's actually landing in your team's inbox has never been wider.

94%

of breaches start with a phishing email

$150,000

average cost of a successful phishing attack on an Australian SMB

< 3 mins

between an employee receiving a phish and clicking the link

How Vigil works for financial advisers

Simulate. Score. Train. Report. On autopilot.

Vigil runs in the background. Your responsible manager logs in once a month. Everything else is automatic.

01

SIMULATE

Simulate

Pick from eight attack types — client portfolio impersonation, deepfake calls from the principal, fake ASIC notices, SMSF rollover fraud. AI writes every message in the context of your firm, your platform, your client base.

02

SCORE

Score

Every employee — advisers, para-planners, client-services, admin — gets a live human risk score. See who's vulnerable, which department needs work, and which team members are improving.

03

TRAIN

Train

When someone clicks, training is assigned automatically. Built for the exact scam type they fell for. Quizzes and completion records auto-tracked for compliance.

04

REPORT

Report

One-click PDF mapped to ASIC RG 271, Essential Eight, ISO 27001, and the Privacy Act. The document your PI insurer and your auditor both want to see.

Compliance

Pass your PI renewal and your ASIC review with the same report.

ASIC's RG 271 (cyber resilience) expects evidence of staff awareness, attack simulation, and remediation tracking. Most PI insurers ask for the same evidence at renewal. Vigil's report covers RG 271, Essential Eight Maturity Level 1, and the Privacy Act's APP 11 staff-training obligation. Regenerate any time, always current.

ASIC RG 271Essential EightISO 27001Australian Privacy ActNIST CSFCIS Control 14

Built for Australian professional-services firms.

No IT team requiredSetup in 30 minutesCancel anytimeAustralian-hosted on requestSOC 2 Type II in progress

Pricing

Less than your cyber insurance excess.

30-day free trial. No credit card required. Cancel anytime.

AnnualSave 17%Monthly

Starter

Essential phishing and training for small teams.

$290/year

$24/mo equivalent · save 17%

Start 30-day free trial
  • Up to 25 employees
  • Email phishing simulations
  • SMS phishing simulations
  • Voice call simulations
  • QR code attack simulations
  • Live risk scores per employee
  • Automatic training assignment on failure
  • Interactive training lessons & quizzes
  • Compliance PDF (Essential Eight, ISO 27001, Privacy Act)
  • Email support
Most popular

Growth

Deepfakes, voice cloning, and AI-personalised attacks.

$990/year

$83/mo equivalent · save 17%

Start 30-day free trial
  • Up to 200 employees
  • Everything in Starter, plus:
  • Deepfake video email simulations
  • Voice-cloned executive calls
  • Live deepfake video calls
  • AI-personalised phishing with Claude
  • Custom attack briefs
  • AI-generated personalised training videos
  • Department benchmarking
  • Escalation alerts for high-risk employees
  • Priority support

Enterprise

For MSPs and organisations with compliance requirements.

Custom
Contact sales
  • Unlimited employees
  • Everything in Growth, plus:
  • Custom compliance mapping
  • API access
  • MSP multi-tenant console
  • White-label branding
  • SSO & SCIM provisioning
  • SLA guarantee
  • Dedicated success manager

One successful phishing attack costs an average of $150,000. Vigil pays for itself with a single prevented incident.

Train your team before the criminals do.

30-day free trial. No credit card. RG 271-ready report on day 1.

Start 30-day free trial

or email us at hello@vigilsecurity.io