Key Features

Short Courses

Courses are short & sharp, designed for the time poor employee. Most courses are approximately 2-3 minutes long.

mortarboard hat icon

Completion Certificates

Employees can celebrate their accomplishments with personalised course completion certificates.


Quizzes & Assessment

Training courses include interactive games, quizzes and assessments to test employee knowledge.

globa icon

Real World Examples

Developed by certified Australian professionals for the Australian context. Courses include real-life examples of scams & social engineering.


Clicks on Phriendly Phishing emails are used as a learning experience, showing employees what they should be looking for with regards to phishing emails.

link icon

Post-course surveys

We love feedback. Post-course surveys provide our team feedback to continuously improve our course offerings and deliver best-in-class training that learners actually like!

Phishing Awareness Training

S.C.A.M. 101

S.C.A.M. 101 introduces learners to basic S.C.A.M. (Sender, Content, Action, Manage) phishing concepts. Employees will understand basic terminology and explore the different approaches scammers use to trick people.

S.C.A.M. 201

S.C.A.M. 201 aims to increase employee’s phishing knowledge and enhance their skill in actively analysing and identify phishing emails.

S.C.A.M. 301

S.C.A.M 301 accelerates the experience by allowing employees to put their phishing knowledge to practice! Harness the power of peer teaching to drive phishing knowledge deeper.

S.C.A.M. Family

Phishing doesn’t stop at your organisation’s front door. Give employees the tools to help their friends and family scout for phishing locations and markers whenever they’re online.

Training Feedback


employee satisfaction

mortarboard hat icon


learnt something new

3 stars icon

I learned a lot!

The style and tone was very engaging. It managed to pack in a lot of information in very easy to digest chunks.

I liked the mix of characters, instruction and quizzes. I really enjoyed the training and I learned a lot. Thank you!

3 stars icon

Confidence Building

I feel more confident in identifying scam emails.

3 stars icon


As an older person who is not confident on a computer, I now know what to watch out for in future

Keep Secure Series

Module 1: Security Foundations

Learners will discover how hackers and security personnel think, highlighting the importance of everyone taking responsibility for an organisation's security.

Module 2: Cyber Attack Evolution

Learners will better understand the changes in cyber crime from it's humble beginnings to the present day.

Module 3: Social Engineering

Learners will understand the different types of social engineering attacks and how their identify can be profiled and used against them easy by an attacker.

Module 4: Online & Remote Threats

Learners will gain a solid understanding of the depth and breadth of the internet, as well as the types of attacks that can occur from online and remote locations.

Module 5: Internal Threats

This module highlights the types of risks to watch out for from within the organisation.

Module 6: Keep Secure Framework

This cybersecurity training course provides a clear framework for learners to make intelligent ongoing security decisions.

Keep Secure Mini

Module 1: Security Foundations

Learners will discover what motivates hackers, the different techniques they use to hack their victims, popular types of cyberattacks and how to protect themselves against these attacks.

Module 2: Social Engineering

Learners will discover where they might encounter cyber-attacks, the different types of social engineering attacks and how their online footprint and physical encounters could make them an easy target for attacks.

Module 3: 5 Rules to Keep Secure

Learners will discover the 5 rules to keep secure, which is designed to provide a clear framework for making intelligent ongoing security decisions.

General Security Awareness

An Introduction to Information Security

Ensure your staff understand the rules that define information security and the role that they play in protecting the organisation's information.

Bring Your Own Device (BYOD)

Bring your own device (BYOD) provides familiarity and ease for users but having diverse technologies can cause significant disruptions to organisation security. Ensure your staff understand the security.

Business Email Compromise

Employees will discover the simple, and highly effective scams using malware or social engineering in this short course.

Cloud Security

Employees will understand risks associated with cloud computing and offers some tips on securing your information when using the cloud.

Email Security

Give your staff clarity on how they can protect the organisation and themselves by understanding email security.

Handling Sensitive Information

This short course offers some tips on how to handle and protect sensitive information.

Information Classification

Introduce your staff to the concept of information classification and labelling.

Mobile Phones & Tablets

Ensure your staff understand how to best protect their mobile devices at work and home.

Passwords & Passphrases

Ensure your staff understand the important role of passwords in keeping information safe and secure.

Personal Information

This course will help your staff understand how to keep their own and other people’s sensitive information protected.

Protecting Credit Card Information

If your staff accept or manage credit cards details at work, ensure they know how to protect those details.

Protecting Your Digital Identity

Safeguard your organisation and staff by educating them about safe cyber practices when accessing the internet.


This course aims to educate learners in identifying, managing, reporting, and preventing Ransomware attacks.

Safety Online

This course provides employees tips on how to stay safe online and avoid any security breaches.

Security Incidents

This course aims to highlight the dangers of security incidents and provide your staff with tips on how to protect themselves and the organisation.

Security in the Workplace

Most security breaches usually happen by human error. Empower your staff with best practices on how to keep information secure in the workplace.

Situational Awareness

This short course looks at the importance of implementing situational awareness effectively.


Scammers developed Smishing tactics to tap into the trusting nature of text messaging. Empower your staff to spot a Smishing attack.


Your staff need to be aware of the savvy social engineering tactics and trends to protect themselves, their families and the organisation from becoming a victim of voice scams.

Workplace Security

Cultivate a cyber-savvy workforce that recognises information as an asset and knows their role in protecting it.

Remote Working


Educate your staff about the risks of Wi Fi and how to utilise this option safely.

Information Security at Home

Ensure your staff understand how to implement information security practices at home.

Remote Working

Outside your office, workers may miss or become desensitised to security. They’re often less clear about protocols and more likely to troubleshoot for themselves. Rein in ‘cowboy’ tendencies.

Device Security

Cultivate a cyber-savvy workforce that recognises information as an asset and knows their role in protecting it.

Government Guidelines

NZ Data Management

This course has been designed against the New Zealand Information Security Manual (NZISM) as mandated by the Government Communications Security Bureau. The course aims to highlight best practices on transferring data between systems, via gateways and when using removable media.

Anti Money Laundering & Counter Terrorism Financing​

This course is based on the AML/CTF Act. It aims educate learners in identifying their customers, reporting suspicious matters, preventing and identifying money laundering activities, and the financing of terrorism.

Payment Card Industry Data Security Standard (PCI DSS)

Hackers want credit card data to be able to use the card, impersonate the cardholder, or even steal the cardholder's identity to commit other crimes in their name. This course highlights the importance of PCI DSS and provide guidelines on how to protect cardholder information.

New Zealand Privacy Act

As technology advances, and more people access information online, it is necessary that the laws around Privacy also evolve, to protect the people of New Zealand and their information. This short course highlights the key additions to the New Zealand Privacy Act.

Information Privacy & Security

This course explores the Australian Privacy Principals that provide guidelines on handling personal information throughout the information lifecycle and provides tips on how to prevent loss of information.

Security Incident Response

By understanding how to respond to security incidents, staff will be protecting the organisation, computer network, systems, people, information, assets and themselves from any malicious attempts.

Secure by Design

As systems advance, it becomes increasingly difficult to add effective security layers. Secure by Design embeds security from the start to minimise risk and vulnerabilities. Staff will gain an understanding of the Secure by Design process and be empowered to incorporate cyber resilience into new and existing systems.

Privileged Access Management (PAM)

Ensure staff with PAM understand their security obligations.

Removable Media

Ensure your staff understand and are aware of their responsibility of having access to removable media devices, ultimately protecting the organisation and themselves.

Role-Based Learning

Executive Security Awareness

In this course, learners will explore the most common types of security threats including Business Email Compromise (BEC), risks associated with using their own device and Shadow IT. Learners will discover how to mitigate cyber risks by implementing the ACSC Essential 8.

General Security Awareness

In this course, learners will discover what motivates scammers and the different techniques and psychological tactics they use to trick their victims. They will also explore the common threats and learn how to protect themselves and the organisation they represent.

Information Security for HR & Finance

In this course, learners will explore the different techniques cyber criminals use to hack their victims. Learners will also discover the risks associated with security breaches when dealing with personal and sensitive information.

Operational Technology (OT) Awareness

In this course, learners will explore the different threats to Operation Technology (OT) and ways to secure the OT environment. Learners will also discover the importance of implementing situational awareness to maintain cyber hygiene when working remotely and using their own device.

Keep Secure Mini Series

Keep Secure 5 modules

Centred on our signature Keep Secure 5 framework, staff will progress through 6 modules that help them master a security mindset across your entire enterprise


Information Security

Whether a dam wall is poorly maintained or maliciously damaged, it can result in a loss of precious water. Information is your water. Have staff secure it well.


Device Security

Cyber crims love that employees use their own devices for work because crims gain a less secure doorway to your data. Help workers slam that door shut.


Workplace Security

Cultivate a cyber-savvy workforce that recognises information as an asset and knows their role in protecting it.


Remote Working

Outside your office, workers may miss or become desensitised to security. They’re often less clear about protocols and more likely to troubleshoot for themselves. Rein in ‘cowboy’ tendencies.


Good information handling and security policies are only useful if people are aware of them and understand their roles in executing them effectively. If you’re looking for training that helps your people understand their accountability, you’ll find it here, with Phriendly Phishing.

Inside out or outside in: exposed data is still exposed data

Information security goes beyond just the measures you take to prevent malicious cyberattacks from outside your organisation. It’s also about the steps you take to ensure your organisation doesn’t leave data unprotected or exposed.

You can probably guess the legal and reputational fallout if your organisation’s internal memos, performance statistics, proprietary technology or other sensitive documents were published online for the world to see. You’re similarly obliged to safeguard your clients’, employees’ and suppliers’ identifying details and personal info from being publicly exposed.

Equip your staff to secure the asset most at risk—information

It is critical that your people understand their responsibilities for implementing information security and are trained in good security practices. With Phriendly Phishing’s information security awareness training, staff learn the importance of:

  • classifying, handling and disposing of information

  • not sharing their user identification or passwords

  • backing up their computers

  • only having authorised programs installed on their work computers and work phones

  • physically securing their work computers and work phones

  • not releasing confidential information unless authorised

  • securing data when working remotely

  • scanning incoming files and links

  • reporting anything that looks suspicious.

See Phriendly Phishing in action

Your staff need cyber street-smarts. Contact us today to see our phishing and cyber security awareness training in action.

Request Demo