Internal USPS phishing simulation found 25 percent of USPS employees clicked on a phony link. 93 percent of the baited employees didnt report the incident to the USPS Computer Incident Response Team. How much repetition is needed before employees can consistently identify phishing scams and other online threats, experts say. Once-a-year security awareness training is probably not enough, psychologists say. For example, send phishing simulations and reminders on a monthly basis, expert says. For the sales team, then send tailor your phishing exercises to your audience,”]