Cofense Logo - Email Security Solutions

Cofense’s “Behind the Phish” Wins Best Technical Training Scenario or Exercise at FISSEA Fall Forum

Share Now


By Lee Martin

We are thrilled to announce that Cofense’s original docuseries Behind the Phish was recognized as the best Technical Training Scenario or Exercise at this year’s FISSEA Fall Forum. This gave us an opportunity to showcase a truly original and innovative approach to security awareness training.

Behind the Phish is an eight-piece training solution that follows a fictional technology company, NAGTS, that recently fell victim to a major credential phishing attack. In the training, learners gain insight into the email that led to the cyberattack, the threat actor responsible for the attack, and the law enforcement officer who brought him to justice. Learners are then shown how NAGTS evolved to better protect itself from the constant threat of phishing, and to appreciate the importance of reporting suspicious emails with the Cofense Reporter button.

Behind the Phish has a unique design that incorporates the eLearning modules, three simulations and two quizzes — all contextualized within the same story. The malicious emails in the exercise are real phish that Cofense leverages as the center of the lesson. The modules build real resiliency to the threat of credential phishing by contextualizing real phish in a relatable and highly memorable learning experience. Also, the modules can be deployed as an automatic program that will run on its own throughout a 90-day period, greatly simplifying the operator’s workload.

Other content providers will present a wide variety of vague content with generalized lessons while Behind the Phish gets to the heart of the matter and makes memories that will protect learners and their companies. Behind the Phish is different from what other SA content providers create because it has Cofense’s mastery of the threat landscape at its core. The data that Cofense curates around active threats and known modes of attack are key to how Behind the Phish was built

But wait, there’s more!

Logo, company name Description automatically generated FISSEA is the premier organization for federal employees and vendors seeking information, community and insight into how to build and run the best cybersecurity training programs possible. This year’s Fall Forum was another great opportunity to meet (virtually) and exchange ideas, best practices, and hold discussions that foster innovation and improvement in the security awareness space. An exciting vehicle for this community dialogue was the FISSEA Awareness and Training Contest.

The contest was broken out into eight categories:

  1. Awareness Poster
  2. Innovative Solutions
  3. Awareness Website
  4. Awareness Newsletter
  5. Awareness Video
  6. Cybersecurity Blog
  7. Cybersecurity Podcast
  8. Technical Training Scenario or Exercise

Winners in each category gave a brief presentation and took part in a Q&A with the FISSEA moderators along with the Fall Forum participants. During the Q&A session, Cofense answered questions around the inspiration for Behind the Phish, and offered details on the team and the tools they used to deliver this training.

The FISSEA Awareness and Training contest also had a “People’s Choice” category, and Cofense won seven out of eight categories! This recognition helps to cement the position Cofense has at the top of the cybersecurity training-and-resiliency pyramid.

Graphical user interface, website, timeline Description automatically generated

At a glance: How Behind the Phish is designed, showcasing key characteristics.

One of the most innovative aspects of the design for Behind the Phish is in how learning objectives are communicated. Since the series is arranged as a documentary, the narrator/documentarian acts as a proxy for the learner. The questions she asks throughout the story represent the key takeaways and learning objectives, while the actual lessons are contextualized within a memorable and engaging story. Characters are conceived and designed in a way that they can be relatable to many different types of learners, regardless of their position or experience. All of this was produced with strict attention to detail in the quality of the video, sound design and pacing.

Behind the Phish is available to Cofense customers in PhishMeSCORM, and the Cofense LMS. Cofense PhishMe simulations are based on the latest threats known to bypass secure email gateways (SEGs), empowering your users to become human threat detectors. With resilient users attuned to the latest phishing threats, you have the best organizational defense. With Cofense’s Learning Management System (LMS), you can easily zero in on the security and compliance issues that are important to your company. And LMS perfectly complements the behavioral conditioning and experiential learning of Cofense PhishMe. We’re always available to answer your questions. Contact us at any time for a demo and more information.

Click below to view the trailer for Behind the Phish:

All third-party trademarks referenced by Cofense whether in logo form, name form or product form, or otherwise, remain the property of their respective holders, and use of these trademarks in no way indicates any relationship between Cofense and the holders of the trademarks. Any observations contained in this blog regarding circumvention of end point protections are based on observations at a point in time based on a specific set of system configurations. Subsequent updates or different configurations may be effective at stopping these or similar threats. Past performance is not indicative of future results.
The Cofense® and PhishMe® names and logos, as well as any other Cofense product or service names or logos displayed on this blog are registered trademarks or trademarks of Cofense Inc.


We use our own and third-party cookies to enhance your experience by showing you relevant content, personalizing our communications with you, and remembering your preferences when you visit our website. We also use them to improve the overall performance of our site. You can learn more about the cookies and similar technology we use by viewing our privacy policy. By clicking ‘Accept,’ you acknowledge and consent to our use of all cookies on our website.

This site is registered on as a development site.