Email Security
Zero Incident Mail
Zero Incident Mail (ZIM) is a stand-alone security solution designed to protect the users who need it most. It safeguards those who keep clicking or are often targeted by phishing attacks. By isolating risky email links in a secure browsing sandbox, ZIM ensures your infrastructure stays safe no matter what your users click.
Why choose our Zero Incident Mail solution
Awareness training alone doesn’t eliminate risky behavior
Despite repeated sessions and reminders, employees continue to click on malicious links or share sensitive data. Training fades over time, habits don’t change overnight.
Phishing success rates remain high
In every organisation, phishing click rates stay between 4% and 15%, regardless of the platform or provider. That includes environments secured by Google, Microsoft, spam filters, and enhanced link protections like SafeLinks.
You can’t filter out everything
Even the most advanced filtering systems let certain emails through. And unfortunately, users often can’t tell the difference between legitimate and malicious content.
Every company has high-risk user profiles
Think new hires, less tech-savvy users, or repeat offenders who have clicked before. These are often the weakest links in your human firewall. ZIM lets you target protection to these specific users, without disrupting the rest of your team.
ZIM turns risky clicks into safe behavior
With ZIM, links in emails open in a secure, isolated browsing sandbox, fully detached from your infrastructure. No matter what users click, the risk is neutralised automatically.
The experience is seamless for the user
No extra steps, no complicated logins. The user opens the email, clicks a link, browses in the sandbox, and the environment self-destructs afterward. The original email stays untouched in the inbox.
It works independently of your existing infrastructure
ZIM is a stand-alone product developed by Phished, and works alongside your current mail setup and security stack. No need to replace anything.
How we do it
We understand that not every user poses the same level of risk, and not everyone needs the same level of protection. That’s why Zero Incident Mail (ZIM) offers a flexible deployment model built around three distinct user profiles.
The Secure My Mail group includes your most vulnerable users. These are the people who sometimes click on suspicious links because they’re unsure or hesitant. For them, ZIM opens all email links in a secure, isolated environment. They can safely inspect the site without putting your systems at risk. This approach builds their confidence while providing a strong layer of protection.
The Protected group includes users who require strict controls. Think of new team members, frequent clickers, or anyone with a higher risk profile. In their case, ZIM enforces strict rules: when they click a link, it opens in a secure browser that blocks any data input. If the user truly needs access to a site, they must request approval from IT, who can allow it through the ZIM platform or by email. This setup prevents mistakes and reduces the chance of compromise.
Finally, there are users who consistently follow security best practices. They recognise phishing attempts and rarely need extra safeguards. For them, ZIM is optional. They can continue working without interruption, so your organisation can focus resources where they’re needed most.
By matching the right ZIM experience to the right users, you strengthen your security posture in a smart, targeted way, protecting those who need it most, without getting in the way of those who don’t.
How it works
Users read and interact with emails as usual
ZIM is completely invisible to the end user. They open and read emails as they always have, without needing to log into a new system, follow special instructions, or take additional steps. There’s no training curve or workflow disruption.
When they click a link, it opens in a secure, disposable browsing sandbox
Instead of launching the browser on their local machine, ZIM redirects the session to a fully isolated, cloud-based container. Even if the link leads to a phishing site or malicious download, the threat is contained within the sandbox and never reaches your internal systems.
Once the user is done, the sandbox destroys itself
After the user finishes reading or interacting with the website, the entire browsing environment is automatically destroyed. No data, no session information, and certainly no malware is carried over. Leaving nothing behind to compromise your infrastructure.
The original email remains untouched in the user’s inbox
ZIM doesn’t delete or modify the original message. Users can return to it later, forward it, or flag it. Just as they normally would. This preserves continuity while keeping security tight.
All of this happens behind the scenes, without user awareness
ZIM delivers full protection without requiring user input or disrupting daily operations. Employees continue working as usual, while your organisation benefits from a powerful extra layer of defense, especially for high-risk or repeat-clicker profiles.
Ready to turn risky clicks into safe behavior?
Phishing isn’t going away and neither is human error. But with Zero Incident Mail (ZIM), you can finally stop relying on hope, filters, or perfect user behavior. ZIM gives you the power to protect the people who need it most, without disrupting your workflow or compromising productivity. Whether it’s shielding repeat offenders, supporting uncertain users, or giving IT full control. ZIM brings real, measurable risk reduction.