Frequently asked
questions

Security awareness training helps employees recognize and respond to common cyber threats like phishing, social engineering, malware and unsafe digital behavior. Today, many providers offer holistic and gamified solutions that combine phishing simulations with training modules and awareness campaigns. However, industry benchmarks show that most organizations still struggle with click rates between 4% and 15%, even after years of training. 

Phished offers a holistic cybersecurity awareness solution for behavioral change, made up of the following integrated components:

- AI-driven phishing simulations: Automatically personalized for each user based on their skill level, language, and context.

- The Report Button: An inbox-integrated tool that enables employees to report suspicious emails and phishing simulations with a single click. After reporting, users receive immediate feedback to reinforce learning and prevent future mistakes.

- Phished Academy: A structured, science-based training platform offering short, frequent training sessions with checkpoints and certification.

- Threat Alerts: Real-time notifications keep employees informed about emerging cybergang tactics and industry-specific threats.

- Cyber hygiene practices: Practical tips and tricks delivered in 1-minute videos to help secure commonly used professional and personal apps and devices.

- Zero Incident Mail™: A zero-trust technology that delivers targeted training in a safe environment to protect high-risk users — including first-time clickers, repeat offenders, new hires, and those who enter data.

- Behavioral Risk Score™: Provides clear insights into the cyber resilience of individual employees, teams, and the organization as a whole.

- Risk-based insights: Dashboards and analytics that track employee progress and monitor organizational risk.

Unlike conventional awareness training programs, Phished doesn’t just aim to raise awareness—it focuses on driving real behavioral change. Yes, we use phishing simulations and gamified microlearning to engage employees, but these are just part of a broader, holistic approach: a science-based training program that addresses every aspect of cybersecurity. 

What truly sets Phished apart is how we deal with repeat offenders—employees who continue to click on phishing emails or enter data despite ongoing training. To address this, Phished offers Zero Incident Mail™ (ZIM): a secure digital learning environment where (high-risk) users can safely open and assess suspicious emails without exposing the organization to any risk.

Instead of punishment or fear, ZIM turns risky clicks into guided learning moments. By targeting risky behavior and supporting the users behind it, Phished helps organizations reduce real-world risk—not just raising awareness, but achieving measurable, lasting change.