Key Features

Short phishing awareness courses

Short, sharp, engaging courses for the time-restrained employee. Most courses are approximately 3-5 minutes long.

mortarboard hat icon

Completion certificates

Employees can celebrate their accomplishments with personalised course completion certificates.


Quizzes & assessments

Training courses include interactive games, quizzes and assessments to test employee knowledge.

globa icon

Real-world Examples

Courses are developed by certified cyber security professionals for the UK context and include real-life examples of scams & social engineering.


Clicks on Phriendly Phishing emails are used as a learning experience, showing employees what they should be looking for with regards to phishing emails.

link icon

Post-Course Surveys

We love feedback. Post-course surveys provide our team feedback to continuously improve our course offerings and deliver best-in-class training that learners actually like!

Training Feedback


employee satisfaction

mortarboard hat icon


learnt something new

3 stars icon

Easy to Understand

We love the S.C.A.M. series of trainings - it is a fantastically presented and easily understood set of training modules.

Our employees give lots of great feedback on it.

3 stars icon

I learned a lot!

The style and tone was very engaging. It managed to pack in a lot of information in very easy to digest chunks.

I liked the mix of characters, instruction and quizzes. I really enjoyed the training and I learned a lot. Thank you!

3 stars icon

Confidence Building

I feel more confident in identifying scam emails.

3 stars icon


As an older person who is not confident on a computer, I now know what to watch out for in future

Phishing Awareness Training

Angler Phishing

Angler phising is a cyber attack targeting individuals on social media platforms, online forums or other online communities. This course helps you identify and protect yourself against an angler phishing attack.

S.C.A.M Family

Phishing doesn’t stop at your organisation’s front door. Give employees the tools to help their friends and family scout for phishing locations and markers whenever they’re online.

S.C.A.M 3 Application

S.C.A.M 3 Application accelerates the experience by allowing employees to put their phishing knowledge to practice! Harness the power of peer teaching to drive phishing knowledge deeper.

S.C.A.M 2 Identification

S.C.A.M. 2 Identification aims to increase employee’s phishing knowledge and enhance their skill in actively analysing and identify phishing emails.

S.C.A.M 1 Fundamentals

S.C.A.M. 1 Fundamentals introduces learners to basic S.C.A.M. (Sender, Content, Action, Manage) phishing concepts. Employees will understand basic terminology and explore the different approaches scammers use to trick people.

Keep Secure Mini

Module 3: 5 Rules to Keep Secure

Learners will discover the 5 rules to keep secure, which is designed to provide a clear framework for making intelligent ongoing security decisions.

Module 2: Social Engineering

Learners will discover where they might encounter cyber-attacks, the different types of social engineering attacks and how their online footprint and physical encounters could make them an easy target for attacks.

Module 1: Security Foundations

Learners will discover what motivates hackers, the different techniques they use to hack their victims, popular types of cyberattacks and how to protect themselves against these attacks.

General Security Awareness


Catfishing is when a scammer creates a fake online identity to trick or control someone. This course provides practical tips for identifying and avoiding a Catfish.

Understanding GenAI

In this course you'll explore the basics of AI, and dive deeper into the world of GenAI. It will ensure you are aware of the security risks of using these tools, and stay cyber safe by using them responsibly.

Fraud Awareness

Uncover the behaviours of fraudsters to learn how to reduce the risks of fraud to you, your family and your organisation.

Remote Working

In today's digital age, more and more people are working remotely or travelling for work While this can be convenient, it also poses a risk to the security of sensitive information.

QR Code Scams

QR Codes are meant to be convenient and efficient at directing users to the app or website required for it's purpose, and this is precisely what cyber scammers are relying on. Learn how to spot the clickbait tactics used in QR code scams.

Online Gaming

As the popularity of online gaming continues to rise, so do the opportunities for scammers to take advantage of unsuspecting players. This course equips gamers with the knowledge to stay safe online.

Supply Chain Risks

This course teachers learners where supply chain risks can occur, how to explain the human behaviour risks of supply chains and understand how to strengthen the supply chain.

Email Security

Give your staff clarity on how they can protect the organisation and themselves by understanding email security.

Cloud Security

Employees will understand risks associated with cloud computing and offers some tips on securing your information when using the cloud.

An Introduction to Information Security

Ensure your staff understand the rules that define information security and the role that they play in protecting the organisation's information.

Vendor Email Compromise (VEC)

This course focuses on Vendor Email Compromise (VEC) and the risk associated with vendors becoming compromised within the supply chain. ​ VEC is a type of Business Email Compromise (BEC)

Anatomy of a BEC Attack

This course will outline the different levels of risk associated with BEC attacks, focusing on the different types of tactics used by cybercriminals to compromise accounts.

Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) provides an additional layer of security for your accounts, to prevent unauthorised access. Understanding MFA will equip you with the knowledge and skills to secure your digital assets effectively.

Business Email Compromise

Employees will discover the simple, and highly effective scams using malware or social engineering in this short course.

Social Media

Your staff should be aware of the risks of sharing information on social media and how to apply safety measures to protect themselves, the organisation and their families.

Situational Awareness

This short course looks at the importance of implementing situational awareness effectively.

Passwords & Passphrases

Ensure your staff understand the important role of passwords in keeping information safe and secure.

Laptop Security

Your staff will leave this course with a solid understanding of how to protect this important piece of company hardware, their laptops.

Bring Your Own Device (BYOD)

Bring your own device (BYOD) provides familiarity and ease for users but having diverse technologies can cause significant disruptions to organisation security. Ensure your staff understand the security.

Remote Working

Device Security

Cultivate a cyber-savvy workforce that recognises information as an asset and knows their role in protecting it.

Information Security at Home

Ensure your staff understand how to implement information security practices at home.

Remote Working

Outside your office, workers may miss or become desensitised to security. They’re often less clear about protocols and more likely to troubleshoot for themselves. Rein in ‘cowboy’ tendencies.


Educate your staff about the risks of Wi Fi and how to utilise this option safely.

Role-Based Learning

CyberExec: Building A Positive Security Culture

This course aims to help you shift employees viewing compliance as a tick-box exercise, and rather to help build a positive security culture.

CyberGov: Understanding UK-GDPR

This course will explain what GDPR is and why it is important for all companies based in the UK, or those that process the personal data of UK citizens. All organisations must ensure they fully understand and comply.

CyberSecureIT: Secure Coding

Secure coding is the practice of building software in a way that ensures it's protected against vulnerabilities and cyber attacks. This course will cover common vulnerabilities and provide recommended approaches to improve software security.

Executive Security Awareness

In this course, learners will explore the most common types of security threats including Business Email Compromise (BEC), risks associated with using their own device and Shadow IT.

General Security Awareness

In this course, learners will discover what motivates scammers and the different techniques and psychological tactics they use to trick their victims. They will also explore the common threats and learn how to protect themselves and the organisation they represent.

Operational Technology (OT) Awareness

In this course, learners will explore the different threats to Operation Technology (OT) and ways to secure the OT environment. Learners will also discover the importance of implementing situational awareness to maintain cyber hygiene when working remotely and using their own device.

Industry Based

CyberEdu Social Media - For Kids

It's important for kids and teens to learn how to stay safe online, so they can enjoy social media without fear.

CyberHealth Business Email Compromise

Health sector employees will discover the simple, and highly effective email scams using malware or social engineering.

CyberHealth: OT (Operational Technology) Fundamentals

Learn about what OT is, why it is important, explore the different threats and ways to secure the OT environment.

CyberHealth: Ransomware

This course aims to educate health sector learners in identifying, managing, reporting, and preventing Ransomware attacks.

CyberRetail: Risks of Removable Media

Ensure your retail staff understand and are aware of their responsibility of having access to removable media devices and their impact on the organisation.

CyberSecureIT: Incident Management

Explain the importance of developing an incident management plan and identify the different roles and responsibilities related to incident management.

CyberUtilities: IT/OT Fundamentals

This course explores the intersection between Information Technology (IT) and Operational Technology (OT) and focuses on securing both environments. Discover ways to secure the IT/OT environment and the importance of implementing operational technology hygiene practices.

Phishing: Teen Edition

Learn what Phishing is, and how to avoid the clickbait tactics that scammers will use to get you to trust them.

Smishing: Teen Edition

Learning to spot the tricks in a smishing attack can help prevent you and your favourite people from being scammed.

Vishing: Teen Edition

More and more scammers are calling people and trying to trick them by pretending to be someone they are not. Learn how to avoid the tactics that scammers use.

Keep Secure Mini Series

Keep Secure 5 modules

Centred on our signature Keep Secure 5 framework, staff will progress through 6 modules that help them master a security mindset across your entire enterprise


Information Security

Whether a dam wall is poorly maintained or maliciously damaged, it can result in a loss of precious water. Information is your water. Have staff secure it well.


Device Security

Cyber crims love that employees use their own devices for work because crims gain a less secure doorway to your data. Help workers slam that door shut.


Workplace Security

Cultivate a cyber-savvy workforce that recognises information as an asset and knows their role in protecting it.


Remote Working

Outside your office, workers may miss or become desensitised to security. They’re often less clear about protocols and more likely to troubleshoot for themselves. Rein in ‘cowboy’ tendencies.


Good information handling and security policies are only useful if people are aware of them and understand their roles in executing them effectively. If you’re looking for training that helps your people understand their accountability, you’ll find it here, with Phriendly Phishing.

Inside out or outside in: exposed data is still exposed data

Information security goes beyond just the measures you take to prevent malicious cyberattacks from outside your organisation. It’s also about the steps you take to ensure your organisation doesn’t leave data unprotected or exposed.

You can probably guess the legal and reputational fallout if your organisation’s internal memos, performance statistics, proprietary technology or other sensitive documents were published online for the world to see. You’re similarly obliged to safeguard your clients’, employees’ and suppliers’ identifying details and personal info from being publicly exposed.

Equip your staff to secure the asset most at risk—information

It is critical that your people understand their responsibilities for implementing information security and are trained in good security practices. With Phriendly Phishing’s information security awareness training, staff learn the importance of:

  • classifying, handling and disposing of information

  • not sharing their user identification or passwords

  • backing up their computers

  • only having authorised programs installed on their work computers and work phones

  • physically securing their work computers and work phones

  • not releasing confidential information unless authorised

  • securing data when working remotely

  • scanning incoming files and links

  • reporting anything that looks suspicious.

See Phriendly Phishing in action

Your staff need cyber street-smarts. Contact us today to see our phishing and cyber security awareness training in action.

Request Demo