Back
Cyber Security Training & Software for Companies | MetaCompliance

Products

Discover our suite of personalised Security Awareness Training solutions, designed to empower and educate your team against modern cyber threats. From policy management to phishing simulations, our platform equips your workforce with the knowledge and skills needed to safeguard your organisation.

Cyber Security eLearning

Cyber Security eLearning to Explore our Award-Winning eLearning Library, Tailored for Every Department

Security Awareness Automation

Schedule Your Annual Awareness Campaign In A Few Clicks

Phishing Simulation

Stop Phishing Attacks In Their Tracks With Award-Winning Phishing Software

Policy Management

Centralise Your Policies In One Place And Effortlessly Manage Policy Lifecycles

Privacy Management

Control, Monitor, and Manage Compliance with Ease

Incident Management

Take Control Of Internal Incidents And Remediate What Matters

Back
Industry

Industries

Explore the versatility of our solutions across diverse industries. From the dynamic tech sector to healthcare, delve into how our solutions are making waves across multiple sectors. 


Financial Services

Creating A First Line Of Defence For Financial Service Organisations

Governments

A Go-To Security Awareness Solution For Governments

Enterprises

A Security Awareness Training Solution For Large Enterprises

Remote Workers

Embed A Culture Of Security Awareness - Even At Home

Education Sector

Engaging Security Awareness Training For The Education Sector

Healthcare Workers

See Our Tailored Security Awareness For Healthcare Workers

Tech Industry

Transforming Security Awareness Training In The Tech Industry

NIS2 Compliance

Support Your Nis2 Compliance Requirements With Cyber Security Awareness Initiatives

Back
Resources

Resources

From posters and policies to ultimate guides and case studies, our free awareness assets can be used to help improve cyber security awareness within your organisation.

Cyber Security Awareness For Dummies

An Indispensable Resource For Creating A Culture Of Cyber Awareness

Dummies Guide To Cyber Security Elearning

The Ultimate Guide To Implementing Effective Cyber Security Elearning

Ultimate Guide To Phishing

Educate Employees About How To Detect And Prevent Phishing Attacks

Free Awareness Posters

Download These Complimentary Posters To Enhance Employee Vigilance

Anti Phishing Policy

Create A Security-Conscious Culture And Promote Awareness Of Cyber Security Threats

Case Studies

Hear How We’re Helping Our Customers Drive Positive Behaviour In Their Organisations

A-Z Cyber Security Terminology

A Glossary Of Must-Know Cyber Security Terms

Cyber Security Behavioural Maturity Model

Audit Your Awareness Training And Benchmark Your Organisation Against Best Practice

Free Stuff

Download Our Free Awareness Assets To Improve Cyber Security Awareness In Your Organisation

Back
MetaCompliance | Cyber Security Training & Software for Employees

About

With 18+ years of experience in the Cyber Security and Compliance market, MetaCompliance provides an innovative solution for staff information security awareness and incident management automation. The MetaCompliance platform was created to meet customer needs for a single, comprehensive solution to manage the people risks surrounding Cyber Security, Data Protection and Compliance.

Why Choose Us

Learn Why Metacompliance Is The Trusted Partner For Security Awareness Training

Employee Engagement Specialists

We Make It Easier To Engage Employees And Create a Culture of Cyber Awareness

Security Awareness Automation

Easily Automate Security Awareness Training, Phishing And Policies In Minutes

MetaBlog

Stay informed about cyber awareness training topics and mitigate risk in your organisation.

Phishing Test for Employees – Why its Important

blog-header

about the author

Share this post

The Anti-Phishing Working Group’s (APWG) “Phishing Activity Trends Report” findings indicate that there were over 1.2 million known phishing attacks in 2016. That is a huge 65% increase over 2015, and it is the highest annual total since APWG began monitoring attacks in 2004.

Phishing emails are designed to gain attention and action an immediate response with the potential victim lulled into reacting quickly and clicking on the fraudulent call to action. On average, phishing sites are online for less than 15 hours, which makes it super difficult to quickly identify and block them. To add to this, close to 100% of phishing URLs point to malicious pages or sites within benign domains, which helps them seem like legitimate sources.

Phishing Test for Employees – Why its Important

It’s this level of sophistication that makes phishing so devious. It usually arrives as a harmless looking email and convinces you to action – usually by clicking a link or opening a file. And at that stage, that’s game over.

Undoubtedly, there are many out there who know what to look for in a phishing email. However, it only takes one person to action a phishing email for it to lead to financial and reputational damage for your company. This is why we consider it so important to utilise a phishing test for your employees.

Phishing Test – How to Spot a Fake Email

Most of us have PayPal accounts, and so it’s only natural that if we receive an email from the PayPal folks that we’d want to check it out.

Many people would likely click the below email but by utilising regularly implementing this kind of phishing exercise for your users will be able to identify the following when looking at the below email:

Phishing Test for Employees – Why its Important

• Is the address the one linked to their PayPal account – what does the ‘to’ field actually say?
• Bad grammar and spelling are obvious signs of phishing, especially from big companies who will have copywriters and editors on payroll to ensure this doesn’t take place in external communication
• No personalization – The name is blank and instead is just a generic ‘Hello PayPal Customer’
• Scare tactic – phishing attacks will often make you think something is wrong with your account such as ‘Your Account PayPal is Limited’ to scare you into clicking the Call to Action.

By regularly implementing a phishing test for your organisation you will raise your employees cyber security awareness and enable them to spot these key telltale signs on phishing emails. However, many cyber criminals are more sophisticated than this and can skillfully avoid all the points above.

Training is key in protecting against phishing attacks and the implementation of phishing tests is integral for the protection of your company. It may seem like a simple idea, but training is effective. If you teach staff what to look out for when it comes to a phishing email then you are already going a long way to protecting yourself and your business from a phishing attack.

Have you been caught out by a phishing email, or have you seen one of the danger signs ahead of time and been able to identify it before its been too late? Let us know in the comments below.

Other Articles on Cyber Security Awareness Training You Might Find Interesting

duckduckgo vs google EN

DuckDuckGo vs Google – 5 reasons why you should give up using Google!

You were not aware that DuckDuckGo is a search engine? Well, now you know. Since its founding in 2008, DuckDuckGo has made it its mission to develop a search engine that does not store or share personal data, quite unlike Google. Google’s business model is based less on data protection and more on personalised advertising. Without the storage of personal data, Google would virtually lose the air it breathes. However, Google is still the most used search engine, and there are reasons for that. Google does have one weakness, however, and that is data protection.
Read More »
dataprotection vs informationsecurity EN

Information Security vs Data Protection

Is this an issue for our ISO or our DPO, or is it much the same in either case? Who exactly is responsible for this incident, and is there a need to report it at all? In order to discuss the similarities and differences between information security and data protection, the first step is to define the two areas.
Read More »