In simple terms, phishing is a type of attack where electronic communication is used as bait to lure unsuspecting recipients to carry out an action resulting in the compromise of their information or data. This is performed typically by someone who is generally out to make illicit gains, or cause harm to an individual or company.
38% of all data breaches are caused by human error (ACCC Scamwatch). Although employees are often an organisation’s greatest asset, they can also be the weakest link in the cyber security chain. One click on a phishing link can have devastating effects on an organisation.
A phishing attack can lead to ransomware, reputation loss, bank account changes, sideways leverage, credential capture, etc. According to the IBM Cost of a Data Breach Report 2020, the average time to identify and contain a data breach in 2020 was 280 days. That’s 280 days for hackers to wreak havoc on your systems.
Full System Automation: Phriendly Phishing is a fully-automated phishing ecosystem that syncs to your Active Directory or other data source. Don’t waste precious time on manual tasks!
Built for the A/NZ Market: Developed by Australian certified professionals to help Aussies navigate the phishing landscape. Enjoy onshore data sovereignty and customer support.
Custom Learning Paths: Take your employees on their own unique journey with a fully-automated risk assessment, training and on-going practice campaigns.
Train, Not Trick: Most employees are non-technical. Phriendly Phishing trains, nurtures and helps employees create long lasting behavioural change with our train, not trick methodology.
Once our Customer Success Team sets up your account, Phriendly Phishing can run in the background without user intervention. We authenticate with your Active Directory to ensure all staff are added into training campaigns from the minute they join the organisation.
A non-invasive baseline is a is a simulated phishing email sent to all staff prior to training. The baseline provides a measurement to understand where your organisation’s phishing risk currently sits. The baseline is anonymous and it is important to keep it that way to truly create an unbiased measurement.
The unique learning journey is personalised based on your organisation’s timeline and can be automated across user synchronisation, course deployment, increasing sophistication for phishing email templates, and more.
No, we currently do not support G Suite. Phriendly Phishing supports AD, Okta and Azure.
Phriendly Phishing will ensure everyone in your organisation has completed the same high-quality training proven at reducing click through rates on scam emails. The dashboard allows you to monitor staff on an individual basis to identify those that still require additional training.
Our training is divided into modules and we encourage you to spread deployment out throughout the subscription ensuring staff are not overwhelmed with additional training. Most modules are around 2-10 minutes long.
Phriendly Phishing training is continually updated and features Australian voices, language and spelling which increases employee engagement. Being Australian made, you can be certain training is of the highest quality and will resonate the best with your employees. Remember, more is not always better. Our course catalogue was discerningly developed with a proven methodology and to Australian standards to ensure the best employee behavioural change results.
Phriendly Phishing training is completed online. Workers expect training to be filled with engaging content and Phriendly Phishing delivers. From fun mini quizzes and mnemonic memory prompts to short, snappy micro-lessons and challenges, we will keep your people keen for more. 87% of learners are satisfied with Phriendly Phishing’s training.
Phriendly Phishing builds employees' knowledge through wins and success and creates steppingstones to improvement. The program does not attempt to trick or belittle employees. In a monthly phishing campaign, if an individual clicks into an email they are redirected to a micro lesson to remind them what to look out for in emails and how to report a phishing template next time. Phriendly Phishing’s program is at its core, respectful of your employees.
Today’s workers expect training to be filled with engaging content and Phriendly Phishing delivers. Our ‘Scan for S.C.A.M.’ mnemonic memory prompt provides a framework for employees to evaluate the online communication they interact with quickly and easily. S.C.A.M. means Sender, Content, Action & Manage.
Our S.C.A.M. modules are short and suggested to deploy throughout the year to keep your staff engaged in phishing concepts. We recommend scheduling S.C.A.M. 101 to your organisation before beginning the monthly, automated phishing campaigns.
The Keep Secure (KSec) security awareness training takes users on an enjoyable journey of understanding through interesting and relevant security topics. Traditional training methods often tell people what not to do, but do not provide any context as to why. The KSec series changes that by taking users on a tour across different psychological and historical events designed to allow them to gain a deep understanding of current security threats, and how they came to be that way.
Whilst we aim to refresh the scam examples and enhance the training design on an annual basis, our scam courses are designed to be foundational learning which will always remain relevant; therefore, our approach is to create shorter, bite-sized modules in response to the current scams that supplement the original, foundational courses.
Instead of one course that gets recycled and updated every year, you can expect to see a series of relevant courses and modules being added to our course library in response to the evolving scam tactics.
Staff who click on a phishing link will receive instant feedback in the form of a Microlesson describing what makes that specific email a phishing email.
We believe this form of active reinforcement will better assist in addressing knowledge gaps instantaneously.
We are conscious of the multi-generational and diverse learning styles that can assist within any organisation – so if the learner did not grasp the key message in the previous eLearning format, the more practical method delivering the same message, using a shorter, sharper approach could be absorbed more effectively.
Using a blend of theoretical and practical solutions adds learning diversification to the learning experience, with the goal of changing behaviour and keeping S.C.A.M. tips front of mind!
Phriendly Phishing’s standard subscriptions are for 2 years.
All companies will charge you an upfront cost for access to their system, however it is important to keep in mind the hours per week required for upkeep and maintenance. Through our automated approach, we have minimized any ongoing administration of Phriendly Phishing while still giving some of the highest quality results in market. Your per-employee subscription fee to Phriendly Phishing is the only cost you’ll ever incur.
All customers have anytime access to our online support ticketing and knowledge base. Our Customer Success and Support team is Australian based, with standard business hours during AEST to support Phriendly Phishing account admins.
Our Customer Success and Support Team will reach out to set up your Phriendly Phishing account and hold a 30-minute demonstration to show you how to manage your account and setup the baseline, training, and campaigns. Visit our online ticketing and knowledge base system to communicate with our technical support team and access how-to pages.
Data is stored and protected through AWS in Sydney, Australia.
Phriendly Phishing is the trusted provider of hundreds of organisations in Australia across sectors including state and local Government, higher education, retail, technology, health and more. We have helped clients of all sizes from 50 employees to 60,000 employees. Phriendly Phishing is able to provide you with customer references if required to assist in your buying process.
Phriendly Phishing is trading independently as Phriendly Phishing Pty Ltd and we have systems and processes specifically tailored to support our partners and continuously improve our service. For more information, visit our partner page.