Training That Actually Works
Move beyond checkbox compliance. Our program builds real security awareness that protects your firm every day.
Interactive Training Modules
Engaging, bite-sized courses covering phishing, social engineering, password security, and data handling best practices.
Simulated Phishing Tests
Regular simulated phishing campaigns that test staff readiness and identify employees who need additional training.
Compliance Tracking Dashboard
Track completion rates, test scores, and improvement trends for every employee across your firm.
Track Progress Across Your Firm
See who has completed training, who needs a reminder, and how your firm's security awareness is improving over time — all from one dashboard.
- Industry-Specific Content
Training scenarios designed around real threats facing CPA firms, including IRS impersonation and client data theft.
- Compliance Documentation
Automatic record-keeping for IRS Publication 4557 training requirements with exportable compliance reports.
- Adaptive Learning Paths
Employees who struggle with certain topics receive additional targeted training automatically.
- Gamification & Recognition
Leaderboards, achievements, and recognition programs that motivate staff to take security seriously.
Q1 Training Progress
24
Enrolled
21
Completed
3
In Progress
Phishing Recognition
Avg Score: 94%
Password Security
Avg Score: 88%
Data Handling
Avg Score: 91%
IRS Compliance
Avg Score: —
Who It's For
Every firm that handles sensitive data needs a trained and security-aware workforce
CPA & Tax Firms
Train staff to recognize IRS phishing emails, fake client requests, and social engineering during tax season.
Legal Practices
Educate attorneys and paralegals on client confidentiality, wire fraud, and email security.
Financial Services
Build a security-first culture across all departments with role-based training programs.
Government Contractors
Meet CMMC and NIST cybersecurity training requirements with documented completion records.
Last 3 Simulated Campaigns
IRS Refund Notice
Mar 202524
Sent
2
Clicked
18
Reported
Password Reset Request
Feb 202524
Sent
4
Clicked
15
Reported
Client Document Shared
Jan 202524
Sent
6
Clicked
12
Reported
Simulated Phishing That Drives Results
Our simulated phishing campaigns mirror real-world attacks targeting CPA firms. Watch your team's click rates drop and reporting rates climb as they learn to spot threats.
Employees who click receive instant, non-punitive feedback and targeted micro-training. Over time, your entire team becomes your strongest defense against social engineering.
Frequently Asked Questions
How often should employees complete security awareness training?
The IRS recommends ongoing training with at least annual refreshers. Best practice is quarterly training sessions combined with monthly simulated phishing tests. Pumpkin's platform delivers micro-learning modules throughout the year so training stays fresh without being disruptive.
What topics does the training cover?
Our curriculum covers phishing recognition, password security, social engineering, physical security, data handling, mobile device security, remote work best practices, and IRS-specific topics like protecting taxpayer data and recognizing IRS impersonation scams.
How do simulated phishing tests work?
We send realistic but harmless phishing emails to your staff. If an employee clicks a link or submits credentials, they receive immediate educational feedback and are enrolled in targeted training. Results are tracked in your dashboard so you can see improvement over time.
Does this satisfy IRS training requirements?
Yes. IRS Publication 4557 requires security awareness training for all employees who handle taxpayer data. Our platform provides training content, completion tracking, and exportable reports that satisfy this requirement for IRS audits.
How long do training sessions take?
Each micro-learning module takes 5-10 minutes. We recommend spreading modules throughout the quarter so training doesn't disrupt billable work. The full annual curriculum totals approximately 4-6 hours per employee.