Cyber Security Training & Software for Companies | MetaCompliance


Discover our suite of personalised Security Awareness Training solutions, designed to empower and educate your team against modern cyber threats. From policy management to phishing simulations, our platform equips your workforce with the knowledge and skills needed to safeguard your organisation.

Cyber Security eLearning

Cyber Security eLearning to Explore our Award-Winning eLearning Library, Tailored for Every Department

Security Awareness Automation

Schedule Your Annual Awareness Campaign In A Few Clicks

Phishing Simulation

Stop Phishing Attacks In Their Tracks With Award-Winning Phishing Software

Policy Management

Centralise Your Policies In One Place And Effortlessly Manage Policy Lifecycles

Privacy Management

Control, Monitor, and Manage Compliance with Ease

Incident Management

Take Control Of Internal Incidents And Remediate What Matters



Explore the versatility of our solutions across diverse industries. From the dynamic tech sector to healthcare, delve into how our solutions are making waves across multiple sectors. 

Financial Services

Creating A First Line Of Defence For Financial Service Organisations


A Go-To Security Awareness Solution For Governments


A Security Awareness Training Solution For Large Enterprises

Remote Workers

Embed A Culture Of Security Awareness - Even At Home

Education Sector

Engaging Security Awareness Training For The Education Sector

Healthcare Workers

See Our Tailored Security Awareness For Healthcare Workers

Tech Industry

Transforming Security Awareness Training In The Tech Industry

NIS2 Compliance

Support Your Nis2 Compliance Requirements With Cyber Security Awareness Initiatives



From posters and policies to ultimate guides and case studies, our free awareness assets can be used to help improve cyber security awareness within your organisation.

Cyber Security Awareness For Dummies

An Indispensable Resource For Creating A Culture Of Cyber Awareness

Dummies Guide To Cyber Security Elearning

The Ultimate Guide To Implementing Effective Cyber Security Elearning

Ultimate Guide To Phishing

Educate Employees About How To Detect And Prevent Phishing Attacks

Free Awareness Posters

Download These Complimentary Posters To Enhance Employee Vigilance

Anti Phishing Policy

Create A Security-Conscious Culture And Promote Awareness Of Cyber Security Threats

Case Studies

Hear How We’re Helping Our Customers Drive Positive Behaviour In Their Organisations

A-Z Cyber Security Terminology

A Glossary Of Must-Know Cyber Security Terms

Cyber Security Behavioural Maturity Model

Audit Your Awareness Training And Benchmark Your Organisation Against Best Practice

Free Stuff

Download Our Free Awareness Assets To Improve Cyber Security Awareness In Your Organisation

MetaCompliance | Cyber Security Training & Software for Employees


With 18+ years of experience in the Cyber Security and Compliance market, MetaCompliance provides an innovative solution for staff information security awareness and incident management automation. The MetaCompliance platform was created to meet customer needs for a single, comprehensive solution to manage the people risks surrounding Cyber Security, Data Protection and Compliance.

Why Choose Us

Learn Why Metacompliance Is The Trusted Partner For Security Awareness Training

Employee Engagement Specialists

We Make It Easier To Engage Employees And Create a Culture of Cyber Awareness

Security Awareness Automation

Easily Automate Security Awareness Training, Phishing And Policies In Minutes


Meet the MetaCompliance Leadership Team


Stay informed about cyber awareness training topics and mitigate risk in your organisation.

The Ongoing Threat of Phishing and Returning to the Office

Phishing Return to Office

about the author

Share this post

The ongoing threat of COVID-19 has drastically changed the business landscape. The sudden shift in circumstances has increased the attack surface and presented an abundance of new security challenges for organisations.

During this time of uncertainty, cybercriminals have been quick to take advantage of the situation, which has led to a surge in phishing attacks.

According to Google, scammers are sending 18 million Covid-19 related emails to Gmail users every day in an attempt to persuade victims to download malicious software, steal sensitive information, or donate to fake causes.

The Office of National Statistics (ONS) has reported 14.2 million people (44% of the total number of working adults) have worked from home during the coronavirus pandemic.

The rapid transition to remote working meant that many organisations were unprepared for a remote workforce for such a sustained period. It is well recognised that phishing thrives on isolation, uncertainty and periods of change and as a result, the pandemic has created the perfect storm in which hackers, scammers, and spammers can exploit the public.

In a recent survey conducted by Threatpost, 40% of companies reported seeing an increase in cyber attacks as they enabled remote working.

Phishing Threats and Working From Home

Remote working is drawing more cyber security threats for a few reasons, including:

  • More people are using home networks, which are likely to be less secure. As such, IT departments cannot closely monitor and safeguard employees’ online behavior when they work from home. 
  • For many employees, the COVID-19 crisis has been the first time they have worked from home for a lengthy period of time. Cybercriminals know these individuals are more vulnerable because of their lack of familiarity with safe work-from-home practices.
  • Cybercriminals are viewing the current situation as a chance to take advantage of remote workers. Malicious cyber actors are continually adjusting their tactics to take advantage of new situations, and the COVID-19 pandemic is no exception. 

Increased home working is likely to be here for the foreseeable future, even after the current pandemic related emergency measures. However, with some organisations preparing to phase back into the office environment, uncertainty will continue to be a significant factor. As such, it’s vital that employees understand the crippling consequences phishing attacks can cause, as well as how to protect themselves and their organisation from phishing threats.

How Phishing can Damage your Business

Data breaches from a phishing attack can cause devastating financial losses and damage an organisation’s reputation for years. According to IBM, the global average cost of a data breach has risen to a staggering $3.92 million.

From lost business to regulatory fines and remediation costs, data breaches have far reaching consequences. A successful phishing attack can result in:

  • Identity theft
  • Theft of sensitive data
  • Theft of client information
  • Loss of intellectual property
  • Financial theft
  • Unauthorised transactions
  • Reputational damage
  • Credit card fraud
  • Installation of malware or ransomware
  • Access to other systems 
  • Data sold to third parties

How to Prevent a Phishing Attack

Identifying a phishing email has become increasingly difficult as cybercriminals have honed their skills and use a range of socially engineering tactics to convince the recipient to click on a malicious link or provide personal information. Today, phishing attacks are more targeted and sophisticated than ever before. 

As employees prepare to return to the office, recent campaigns have seen cybercriminals launch attacks which exploit workers anticipating updates from their employers about returning to the workplace

By encouraging users to act quickly and by provoking curiosity and fear, some studies have shown the click rate on phishing attacks has risen from less than 5% to over 40%  with coronavirus scams.

According to Intel, 97% of people around the world are unable to identify a sophisticated phishing email. Despite the convincing nature of these emails, there are still some tell-tale signs that may alert us to the presence of a phishing email.

  • Never click on links or download attachments without confirming the source. 
  • Double-check the sender’s address to ensure it’s coming from a legitimate source.  
  • Always double check the webpage’s URL before signing in and never log into sites by following a link in an email. Despite seeming perfectly legitimate, if the URL does not match the address displayed, it is an indication that the message is fraudulent and likely to be a phishing email.
  • Always take time to think about a request for your personal information, and whether the request is appropriate. A reputable company will never send out an email to customers asking for personal information such as an account number, password, pin or security questions. See our resources on how to spot a phishing scam.
  • Ignore and delete emails with unexpectedly poor grammar and formatting. If you spot any spelling mistakes or poor grammar within an email it is unlikely to have come from an unofficial organisation and could indicate the presence of a phishing email. Learn more about the characteristics of a phishing attack.
  • Phishing attack messages that have the highest response rates are often related to time-bound events. Cybercriminals will often use a sense of urgency to encourage recipients to react immediately. If you are unsure if the request is legitimate, contact the company directly via their official website or official telephone number.
  • Be cautious of unexpected email messages. Always take a moment to think “am I expecting this type of request?” If it looks suspicious or too good to be true, then it probably is.

Why Phishing Awareness is Important

As cybercriminals increase their efforts to exploit the public, awareness is the most powerful weapon against these evolving threats and techniques.

Scammers will be quick to take advantage of any lapses in security, and organisations should continue to empower and educate employees to remain vigilant. Cyber Security is everyone’s responsibility, and with so many potential attack points, the key to improving security is to create a culture of cyber awareness.

Create a More Security Conscious Workforce 

Cyber Security Awareness for  Dummies acts as an indispensable resource for implementing  behavioural change and creating a culture of cyber awareness. 

Phishing Cyber Security Awareness

In this guide, you will learn: 

  • What Cyber Security awareness means for your organisation 
  • How to implement a cyber risk awareness campaign 
  • The critical role of policies to  establish safe baselines 
  • How to maintain momentum and staff engagement 
  • 10 Cyber Security awareness best practices

Other Articles on Cyber Security Awareness Training You Might Find Interesting