Escaping phishing with storytelling

Illustration einer Person, die unter Wasser nach einem leuchtenden Smartphone greift, im Hintergrund sieht man weitere Personen

E-learning content | 2022
G DATA CyberDefense AG

G DATA CyberDefense AG is a holistic IT security service provider based in Bochum, Germany. The company set a milestone in 1987 with the development and sale of the first commercial anti-virus software. The company now has more than 500 employees and offers cyber defense services such as security awareness training, penetration tests and incident response in addition to endpoint protection. With its expertise and innovations, G DATA ensures the security of companies of all sizes as well as critical infrastructures such as hospitals and airports and millions of private customers all over the world.

Foto einer großen Eingangshalle und ein Empfangstresen

The initial situation

People as the target of cyber criminals

Digitalization has long since reached all areas of life and the economy. Therefore, the secure supply of digital information is as vital as the supply of electricity or water. However, digitalization has also made new forms of crime possible. One trend is particularly evident here: cyber criminals are no longer targeting systems, but increasingly people - because: Any system is only as good as those who operate it.

G DATA's mission is therefore to offer a comprehensive defense against cybercrime and to make people an integral part of the protective measures. This idea gave rise to the "Cyber Defense Academy " (CDA) at G DATA. The aim of the learning platform is to support the last line of defense in cyber defense, i.e. people, with knowledge and thus make them more confident in dealing with threats.

One of the most common forms of attack is "phishing", where attackers aim to steal a user's confidential information (e.g. access data etc.) or infect the network with malware.

For example, phishers try to send fake emails with detailed personal information about the victim ("spear phishing"). The aim is to gain the victim's trust so that they click on attachments and/or links. In this way, the phishers manage to collect even more personal information (access data, account details, etc.). Or the victim downloads attached ransomware onto the computer, which is then removed by the attackers by paying a ransom.

The attacks are becoming more and more perfidious as they become more and more individualized. The victims' extensive social media presence makes it easy for phishers to obtain very personal information. The probability that victims will then click on a link or similar in an appropriately designed email is extremely high. It is therefore particularly important for companies to build up knowledge in this area.

Illustration von drei Personen mit schwarzen Sonnenbrillen in ovalen Rahmen vor einem grünen, digitalen Hintergrund.

The solution

Captivate learners with storytelling

In order to impart knowledge in a targeted and sustainable way, modern, brief and highly interactive training formats are needed. This is how the idea for a Learning Journey was born, which takes a very strong storytelling approach and captivates everyone. In seven episodes, users are taken on a journey where they learn everything about phishing - from the basics to expert knowledge about identifying perfidious, highly individualized spear phishing attacks. For G DATA customers, learning time often equals working time. Therefore, the learning journey is packed into short bites to ensure maximum learning transfer and sustainability. The aim is to create awareness of the topic so that no one clicks on a link in a phishing e-mail or opens an attachment containing malicious code by mistake or out of ignorance.

The result

Through the depths of Phishing

The Learning Journey is characterized by the four main characters Martin, Anna, Jan and Maria. The four protagonists each symbolize a specific user type or form of phishing attack, i.e. e-mail, telephone, SMS or social media. They serve as companions and identification figures for the learners throughout the training. At the beginning, the characters become victims of various phishing attacks - and thus fall into the "vortex of phishing". Over the course of the learning journey, they fight their way through a dark underwater world and learn to deal with ever greater attacks and challenges through various twists in the story.

But the focus is not only on the victims. Regular perspective changes provide an insight into the world of the phishers and their world of thought, i.e. motivation, drive, mindset, etc. With the knowledge gained, the learners can gradually fight their way back to the surface together with the main characters and launch a final counterattack in the seventh and final episode of the Learning Journey.

The training also impresses with a very high degree of interaction. Common formats such as drag & drop tasks or multiple-choice questions are repackaged or illustrated by the story, for example by learners having to drag false statements into fishing nets or refuel the submarine with which they navigate through the training (or the underwater world) with air.

Ein Laptop und ein Handy die ein Screenshot aus dem Training zeigen
Ein Laptop der einen Screenshot des Trainings zeigt und ein Dokument mit dem Titel
Ein Laptop und ein Tablet mit Screenshots aus dem Training

There are also time-based challenges, click and reveal tasks, podcasts, hidden object pictures, Use Cases etc., all with one goal: To interact intensively with real-life phishing attacks and thus get to know the characters, antagonists and, above all, the protection mechanisms better.

The highlight is the digital escape room in the last module. It contains hidden clues that can be used to launch a counterattack against the phishers and bring the main characters back to the surface.

The mixture of a high degree of interaction, a character- and story-driven, as well as dramaturgically well thought-out narrative style and the entertaining episodic structure make the phishing training series a round and complete learning journey that captivates everyone.

In this way, all learners are taken into account and knowledge building is maximized using the most modern didactic elements. The short duration of the individual episodes with a maximum of 15 minutes contributes significantly to the goal of continuous learning, or "workplace learning". youknow and G DATA also placed a high value on the "reusability" of the training courses when designing the Learning Journey. These should not only be completed once by the learner, but should ideally also be referred to again and again during everyday working life. The story-driven narrative style increases the intrinsic motivation and the learner's ability to remember, which is additionally increased up to 20-fold through the use of images.

Kreisbild von Christian Laber

Christian Laber
Head of E-Learning Development | G DATA CyberDefense AG

„Many people know that an email from an African prince with a gift of money is dangerous. However, many people are not aware that fake emails can hardly be distinguished from real ones these days. And thus also not the great danger posed by phishing. This increasingly present danger was the reason for G DATA and the Cyber Defense Academy to place a central focus on this topic. The result was our new phishing training series.“

Kreisbild von Nikolas Schran

Nikolas Schran
Product Owner Cyber Defense Academy | G DATA

„Companies that attach great importance to IT security know that security awareness training is not a "nice-to-have", but a "must-have". These training courses must not only be informative, but also appealing to the user. After all, you always eat with your eyes.“

Kreisbild von Sandra Kaeppeli

Sandra Käppeli
Area Manager ICT | Streamline AG

„G DATA's security awareness training courses are didactically very well structured and cover the topic comprehensively. Learning the complex subject matter is fun and the interactive elements engage the learners so that they complete the courses to the end.“

Illustration von drei Personen mit schwarzen Sonnenbrillen, die bei Sonnenuntergang Getränke genießen, mit Bergen und einer Wüstenlandschaft im Hintergrund.

Conclusion

A learning series on the pulse of time

Customer demand for the learning series is enormous. G DATA CyberDefense was obviously not only on the right track thematically with the training, youknow also hit the nerve of the target group conceptually. Since the launch of the CDA, more than 450 companies with a total of over 40,000 users have accessed it, and the trend is rising. The new training series has been available to customers since March 2022. Here you can try out the training.

The learning journey also impressed the jury of the Society for Education, Information and Media (GPI): it was awarded a seal of approval at the Comenius Award 2022.

Outlook

What's next?

New training courses for the Cyber Defense Academy are specifically planned on the topics of data protection, occupational safety and fire protection, which will be available from April 2022. In addition, G DATA always focuses on the needs of the market in order to identify requirements for any further training courses.

Kreisbild von Ken Weid

Ken Weid
Key Account Manager

Transform learning into a success driver for your organization

You have the goals, we have the solutions – together we will find the best one for you.

Let's talk

Cookies

Cookies?

In addition to necessary technical cookies, we also use cookies on our website to analyze website access or to personalize your individual user experience. You can revoke your consent to their use at any time. For more information, please read our privacy policy: Data privacy

Settings

Deny

save

Accept

Necessary

Statistics / Marketing