Phishing — Malicious emails that trick people into giving up credentials, clicking links, or opening attachments — is one of the most common and effective entry points for cyberattacks. This training gives your staff the knowledge and hands-on practice they need to recognize phishing, resist social-engineering tricks, and report suspicious messages quickly.
Three Canada-focused statistics you should know
- 67% of Canadian employees admit they’ve done something that could put their organization at risk (e.g., clicking suspicious links or bypassing security) — showing how widespread risky behaviour is in the workplace. Proofpoint
- 44% of Canadian organizations reported experiencing a cyber attack (attempted or successful) in the last 12 months — demonstrating that Canadian businesses are actively targeted. CIRA+1
- Phishing / social-engineering reports rose in 2024 — more than 10% of reported scams were phishing/social-engineering and reported susceptibility (people who fall for simulated scams) increased to ~23.5% in 2024. This trend underlines the growing effectiveness of phishing tactics. bbbmarketplacetrust.org
Why formal phishing awareness training matters
- Reduces the chance an employee will click a malicious link, open a harmful attachment, or hand over credentials. (Human error is still the most common vector in breaches.) Verizon+1
- Shortens incident response time by increasing reporting — reported suspicious emails are easier to isolate and remove before they spread. Canada.ca
- Helps meet regulatory and insurance requirements that increasingly expect employee training as part of basic cyber hygiene. Canadian Centre for Cyber Security
The Training program overview
The training campaign should start around the 8th of the month. Please note expect a legitimate email sent from education@phishlinetraining.com which will contain a safe link to a training video which is then followed by a quick quiz.
All new customers will be a part of our 4 month Core Managed security awareness training program where they will receive monthly training videos, and on months 2 and 4 will also receive mock phishing messages. After the Core training is done, you will join the rest of our customers in the Universal campaigns that typically alternate with just a training month, and a combined training and phishing campaign month.
At the end of each campaign, reports will be emailed automatically attached in PDF format.
Months with both Training and Phishing campaigns will include two emails, as there is a separate report for each campaign type.
Quick checklist / top tips for employees
- Don’t trust email urgency. Pause and verify with a separate channel (phone or internal chat).
- Inspect sender addresses and hover over links to see the real URL before clicking.
- Never enter credentials into a webpage reached from an email — go to the service’s site manually.
- Use MFA / 2FA and a password manager for unique, strong passwords.
- Report suspicious emails immediately — early reporting can stop an attack. Canada.ca Verizon
Canada-specific resources (Link for reporting and more info)
- Canadian Anti-Fraud Centre — report scams and get advice on what to do if you or your business have been targeted. antifraudcentre-centreantifraude.ca
- CIRA — 2024 Cybersecurity Survey / report — Canadian organizational cyber trends and benchmarking. CIRA+1
- Proofpoint — State of the Phish (2024) — data on employee behaviour and regional findings for Canada. Proofpoint
- BBB Canada Risk Report (2024) — insights into phishing/social engineering trends in Canada. bbbmarketplacetrust.org
- Get Cyber Safe (Government of Canada) — guidance for businesses & individuals. Get Cyber SafeCanada.ca
Hackers like to go for the weakest link. Do you trust your staff to not click on bad links? Contact us now to start your staff on security awareness training.