Threat Check:

Phishing Training

Case Study Overview

Learners evaluate realistic phishing scenarios before receiving instruction, mirroring the real-world moment when you must decide to trust a message before knowing the answer.

Case Study Overview

View the project

Interactive Learning Experience

Case Study Artifacts

Story Board

The Problem

Employees complete mandatory phishing training each year, yet many still struggle to apply what they’ve learned when faced with realistic or ambiguous messages.

Traditional training often focuses on information rather than decision-making. While learners may recognize common phishing indicators, they are less prepared to evaluate context, identify subtle inconsistencies, and respond appropriately in real-world situations.

The Solution

This project redesigns traditional compliance training into an interactive decision-making experience. Learners analyze realistic phishing scenarios before receiving instruction, mirroring the real-world moment when users must decided weather to trust a message before knowing the answer.

My Approach

This experience was designed using a combination of scenario-based learning, reverse Bloom's taxonomy and progressive scaffolding.

Threat Check Framework
A simple repeatable process was introduced to support decision-making:
Recognize the threat, Assess the details and, Respond safely

Scenario-Based Design
Each activity presents a realistic situation that requires learners to analyze details, identify potential risks, and make a decision before receiving feedback.

Progressive Scaffolding
Early scenarios include guided support including prompts and interactive elements. This support is gradually removed, requiring learners to apply the Threat Check framework independently.

Reverse Blooms Taxonomy
Learners analyze realistic phishing scenarios before receiving instruction. By reversing the traditional learning sequence, learners are asked to evaluate situations and make independent decisions using prior knowledge. As the sequence progresses, learners can apply feedback from earlier scenarios, refining their ability to recognize potential threats.

Metacognitive Reflection
Learners reflect on this confidence and decision-making throughout the experience, reinforcing awareness of how and why they make decisions.

The Impact

This experience shifts phishing training from a passive compliance exercise to an active decision-making process. Instead of relying on memorization, learners build the habit of pausing, assessing risk, and verifying information before engaging with a message.

By the end of the experience, learners are better prepared to apply the Threat Check framework in real-world situations

Tools Used

Articulate Rise 360, Canva

View the project

The learning experience guides learners from structures analysis to independent decision-making, reinforcing a repeatable framework for identifying and responding to phishing attempts.

Supported Analysis

Interactive elements guide learners in analyzing messages by focusing on key indicators. The Threat Check frameworks supports structured evaluation.

Guided Feedback

Learners received targeted feedback that breaks down key phishing indicators. This reinforces how to apply the Threat Check Criteria after making a decision.

Gradual Removal of Support

Early scenarios provide structured guidance through the Threat Check Criteria. As learners progress, this support becomes optional, encouraging independent evaluation while still allowing access when needed.

Decision & Reflection

Learners evaluate realistic scenarios and commit to a decision, then reflect on their confidence. Incorporating metacognitive prompts builds awareness of their reasoning and strengthens decision-making skills.

Interactive Learning Experience

Case Study Artifacts

Story Board

Threat Check_ Phishing Training.pdf

Threat Check Framework

Threat Check Framework.pdf

Next project

Page updated

Google Sites

Report abuse