top of page

Don't Take the Bait:

Phishing Awareness Training

A scenario-based corporate eLearning module built in Articulate Rise 360, designed to reduce phishing click rates through immersive decision-making simulations.
 
( This is a speculative project designed to demonstrate corporate security training capabilities.  NovaTech Solutions is a fictional company. )
Screenshot 2026-04-01 at 4.42.45 PM.png

  • Audience: Corporate employees at NovaTech Solutions

  • Role: Instructional Design (SAM Model), eLearning Development, Scenario Design, Prompt Engineering

  • ​Tools & Frameworks: Articulate Rise 360, Synthesia, Midjourney, Canva, Claude AI, SAM (Successive Approximation Model)

The Problem

NovaTech Solutions, a mid-sized technology company, faced a critical and recurring security threat that put both client data and company reputation at risk.

  • Human Error: Despite having technical security infrastructure in place, employees lacked the practical skills to identify phishing attempts in real time, making them the organization's most vulnerable entry point.

  • Reactive Training: Existing security training was limited to annual policy documents and compliance checklists. Employees were exposed to rules, but never allowed to practice recognizing threats before encountering them.

  • High Cost of Breaches: In the six months before this training, NovaTech experienced three phishing-related incidents, each averaging $180,000 in recovery costs, totaling over $540,000 in preventable losses.

The Solution

To address NovaTech's recurring phishing vulnerabilities, I designed a scenario-based eLearning module built in Articulate Rise 360 that shifted the focus from passive policy reading to active, practice-based learning.
Rather than telling employees what phishing looks like, the module places learners directly inside real-world email scenarios where they must identify threats, make decisions under pressure, and experience the consequences of each choice in a safe environment.

The solution was structured around three core pillars:
  • Scenario-Based Learning — Learners navigate branching decision trees based on authentic phishing situations, including email spoofing and CEO impersonation attacks.
  • Immediate Feedback — Every choice leads to a consequence, reinforcing correct behavior and creating memorable learning moments from mistakes.
  • Clear Response Protocol: A four-step action framework (Stop, Check, Report, Delete) gives employees a concrete, repeatable process to follow when a real threat occurs.
Screenshot 2026-04-01 at 5.03.24 PM.png

① REAL-WORLD SCENARIOS

Learners step into simulated phishing situations and practice making the right call under pressure.

Screenshot 2026-04-01 at 5.05.11 PM.png

②  PHISHING IDENTIFICATION

Realistic email mockups teach employees to spot critical red flags before clicking.

My Process

I applied the SAM (Successive Approximation Model) to this project because the corporate training environment demanded rapid prototyping and continuous refinement over a lengthy linear process. Each phase was built on real stakeholder feedback and iterative testing.
Phase 1 — Preparation (Savvy Start)
  • Needs Analysis
I documented the two most critical threat types facing NovaTech employees: email spoofing and CEO impersonation (Business Email Compromise).
  • Constraint Discovery
I identified that training needed to be self-paced, accessible without IT support, and completable within 15 minutes to fit into employees' workday schedules.

Phase 2— Iterative Design
  • Storyboard Development
I designed two branching scenarios based on authentic phishing situations: The Urgent Email (email spoofing) and The CEO Request (Business Email Compromise). Each scenario features a correct response path and two distractors with realistic consequences.
  • Prompt Engineering
I leveraged Claude AI through multiple revision cycles to ensure each distractor reflected authentic cognitive biases including urgency, authority, and fear, drawn directly from real phishing attack patterns.

Prompt Engineering

Screenshot 2026-04-01 at 8.30.41 PM.png

Storyboard Development

11_edited.png
Phase 3— Iterative Development
  • Rapid Prototyping
I built an initial prototype in Articulate Rise 360 and refined the content structure, navigation flow, and visual design based on review feedback.
  • AI Avatar Integration
I integrated Synthesia AI avatars to deliver a professional instructor presence, ensuring consistent narration and accessibility without external recording.
  • Visual Design
I used Midjourney to generate a cinematic cybersecurity banner image that established the visual tone of the course, combining a dark navy aesthetic with high-stakes imagery to create immediate emotional engagement.

Articulate Rise 360

Synthesia AI avatars

22_edited.png
Screenshot 2026-04-01 at 8_edited.png

Midjourney Visual Design

33.png
Full development

FULL DEVELOPMENT

The following showcases the three core components of the "Don't Take the Bait" training module, each developed iteratively through rapid prototyping and stakeholder feedback.

① Scenario-Based eLearning (Rise 360)

Two branching scenarios were built in Articulate Rise 360, placing learners directly inside real phishing situations. Each scenario features three response choices with immediate consequences, shifting the focus from passive reading to active decision-making under pressure.
Screenshot 2026-04-02 at 11.50_edited.pn

② AI Avatar Instructor (Synthesia)

A Synthesia AI avatar was integrated as the course CISO, delivering a professional and consistent instructor presence throughout the module. This approach ensured high-quality narration and accessibility without external recording or production costs.

③ Visual Design (Midjourney)

Midjourney was used to generate a cinematic cybersecurity banner image for the course cover, establishing an immediate sense of urgency and professionalism aligned with the corporate security training context.

Results and Takeaways

This project was built around a straightforward premise: most employees don't fall for phishing attacks because they're careless. They fall because they've never had the chance to practice recognizing one.
1. Projected Impact
  • Phishing Click Rate Reduction: Industry research consistently shows that scenario-based security training reduces phishing click rates by 50–70% compared to compliance-only approaches. By replacing policy documents with immersive decision-making simulations, employees build the muscle memory to pause, verify, and respond before it's too late.
  • Time to Response: The 4-step protocol (Stop, Check, Report, Delete) gives employees a clear, repeatable action plan. When a real threat arrives, they don't have to think. They already know what to do.
2. What I Learned
  • Distractors are the real design challenge. Writing wrong answers that feel genuinely reasonable, rooted in urgency bias, authority bias, and fear, was harder than writing the correct responses. That tension is exactly what makes scenario-based learning work.
  • AI accelerates without replacing judgment. Using Claude AI for distractor iteration and Synthesia for narration cut production time significantly. But every output still required careful review and refinement. The designer's judgment remained the most important variable.
  • Constraints drive creativity. Building a fully functional corporate training module without an LMS, a recording studio, or a live client proved that high-quality instructional design doesn't require unlimited resources. It requires the right decisions.
3. If This Were Deployed
Success would be evaluated using the Kirkpatrick Model:
  • Level 1 (Reaction): Post-training survey measuring learner confidence and perceived relevance of the scenarios.
  • Level 2 (Learning): Quiz scores and scenario completion data to assess knowledge retention.
  • Level 3 (Behavior): Phishing simulation click rates tracked over 90 days post-training.
  • Level 4 (Results): Reduction in security incidents and measurable decrease in breach-related recovery costs.
  • LinkedIn
bottom of page