18

Noticed a huge drop in phishing emails at my small office after we started doing weekly training

Six months ago, our 12-person team in Austin was getting maybe 10 phishing emails a week that people would actually click on and report. It was a real problem, and our IT guy was always running around fixing things. We started these mandatory 15-minute weekly training sessions in January, just going over one new trick scammers use. The change was slow, but now we're down to maybe one click a month. The big shift happened because people stopped just deleting weird emails and started actually looking at the sender address and the links before they did anything. It's not fancy tech that fixed it, it was just making everyone a little more aware every single week. Has anyone else seen results this good from regular, short training like this?
2 comments

the_drew 21d ago
You're totally right about it being the weekly habit that does it. That "little more aware every single week" is the whole key. It's not a one-time thing people forget, it's a constant reminder that makes checking the sender address automatic. I pushed for something similar where I work, and the real win is when people start calling each other out in a friendly way, like "hey, you sure that link is safe?" It builds a culture where security is just part of the normal day, not some scary IT rule.
7
dakota_king3
My buddy's company tried the same thing. They had a guy who kept falling for those fake shipping notice emails. After a few months of short weekly talks, he caught a really good fake one himself. He was so proud he printed it out and put it on the break room fridge. That constant little reminder really does rewire how people look at their inbox.
6