Skip to main content

Simulated phishing training

Phishing is one of the most common tactics employed by hackers, requiring little effort and generally preys on the less cyber-aware. It's also the most common way for organisations to suffer a cyber attack.

About the phishing training

Our simulated phishing training has been developed to raise awareness of phishing emails amongst health and care staff. It's been created in response to the National Data Guardian’s review to raise public confidence in the security of their personal information.

The training is available upon request to organisations across the health and social care sector.


How it works

The training consists of a simulated phishing email, which is sent to staff within your organisation. A link within the email will take them through to an animation on how to spot the signs of a phishing attack, to increase their understanding of what to look out for in the future.

The phishing simulation will run for 2 weeks. After the simulation has finished we will provide you with a report on the actions your staff took.

We will also provide a link to the animation, which you can share with your staff.

Best practice recommends that organisations perform phishing simulations every 6 months. Your first phishing simulation will provide you with a baseline for how successful the simulation was. Future simulations will allow you to identify how well your staff have performed against the initial baseline.


How to register

Complete this form to register for the simulated phishing email training, or to request additional future training.

Our non-NHSmail simulated phishing pilots have now ended and we are currently considering our service offering. If you would like to be notified when a simulated phishing service for non-NHSmail organisations is available, please register your interest by contacting cybersecurity@nhs.net.


GDPR compliance

NHS Digital’s Data Security Centre acts as a data processor. We have direction (s.254 of Health & Social Care Act 2012) to process this information under the Health and Social Care Act 2012.  You can email us at exeter.helpdesk@nhs.net for further information.

Last edited: 23 June 2021 2:55 pm