Microsoft provide Phishing Awareness Training for Office 365 (delivered in partnership with Terranova Security).
Phishing Awareness Training is part of the Microsoft Defender security suite and is one of the many reasons that make Microsoft a compelling choice when it comes to security – if you weren’t already aware, Microsoft are leaders in 5 Gartner Magic Quadrants for security!
Phishing Awareness Training for Office 365 is called ‘Attack Simulation Training’ and is available in the Microsoft 365 Defender portal. It allows you to test your users’ awareness of this common scamming technique and provides learning tools to help them upskill.
Required Licencing to use Phishing Awareness Training for Office 365
Attack Simulation Training is included in the Microsoft Defender for Office 365 Plan 2 licence and is bundled with the following:
- Microsoft 365 E5
- Office 365 E5
- Business Premium
- Microsoft 365 E5 Security (add-on)
- Microsoft 365 F5 Security (add-on)
- Microsoft 365 F5 Security & Compliance (add-on)
Set up Phishing Awareness Training for Office 365
This article won’t go into the finer detail of how you set up the phishing awareness training ‘campaign’, but you should find it straightforward. You’ll find Attack simulation training under the ‘Email & collaboration’ section.
From there you can launch a one-time campaign from the ‘Simulations’ tab, or an on-going one from the ‘Simulation automations’ tab:
The wizard will take you through the setup process. There are several phishing techniques that can be used:
These techniques come with ‘payloads’ (or emails) used to trick users into giving up personal information such as credentials, or into triggering malware. You can also create your own payloads.
You’ll then select your target users, launch dates, and run times, as well as assign training modules.
What does Phishing Awareness Training for Office 365 look like for your users
It all starts with an email (payload) to trick your users. Here’s an example:
In this example (there are many based on the chosen payload), if the user follows the sign-in link, they will be presented with a typical-looking Microsoft sign-in page where they can enter their username and password!
And if they do, they will be presented with the following message that lets them know they could have been phished. If you assigned training, they have the option to view that too:
Training reminders are also sent to the user’s inbox. The reminders also come with a handy calendar attachment (.ics file) that allows them to quickly schedule the training in their calendar:
Phishing Awareness Training for Office 365 assignments
When you click through to complete the training you will be presented with a list of assignments.
Phishing Awareness Training for Office 365 modules
The following are a couple of examples of the training modules that users are taken through.
Example 1 – Mass Market Phishing
Example 2 – Web Phishing
Reporting
Hi, but is it enough that the admin sending the campaign has a license (type E5) or do all users need to have a license enabled?
All our users have a Business Premium, if I assign myself an E5 should I be able to start the companion?
Not 100% sure on whether it would technically work or not, but from a licencing perspective, I believe all users would need to be licenced with Defender for Office 365 Plan 2.
Only the User who is creating and sending the campaign needs to have Defender for O365 Plan 2
I think it would work if you did that, but it would be against the licencing terms – Fairly sure all the users that will participate would need to be licenced too.
Are the training videos available outside of the phishing simulator?
Not that I am aware of.