Phriendly Phishing

Haumarutanga Hītinihanga

Last updated 26 June 2024
Last updated 26 June 2024

This page has everything you need to know about the rollout of Phriendly Phishing across the tertiary sector.

Phriendly Phishing is a fully digital, automated training and phishing simulation platform that uses simple content to make the learning memorable and enjoyable.

It’s fully funded, for three years, for all wānanga and New Zealand Private Training Establishments (PTEs) and their employees – as part of the Cyber Security for the Tertiary Sector (CSTS) initiative.

CSTS also offers other tools and resources to help your organisation improve its cyber security awareness and maturity. Check out the CSTS information.


Resources for staff

We’ve compiled some useful resources to help you communicate with staff about the Phriendly Phishing initiative.

Visit the Phriendly Phishing website for more templates and resources: Phriendly Phishing Communication Collateral – Phriendly Phishing


What is phishing?

Phishing is the practice of sending fraudulent emails. These emails often impersonate reputable companies and aim to trick you into revealing personal information, like passwords or credit card numbers.

What is Phriendly Phishing?

Phriendly Phishing is a fully digital, automated training and phishing simulation platform that uses simple content to make the learning memorable and enjoyable.

What will I learn?

PTES will be able to:             

  • train their team using simulated phishing emails
  • detect and learn the signs of scams
  • schedule relevant bite-sized training courses
  • protect their people, data and processes
  • track progress, including employee improvement and risk mitigation
  • take the learning, apply it in their personal lives, and share with family and friends.

How much time do I need to invest in maintaining Phriendly Phishing?

The ongoing time commitment to manage platform activities will vary between PTEs but should not take too much time out of the work day. The platform is designed to be user friendly with a ‘set and forget’ approach.

The training itself is a small investment of time for employees, with each module taking 2 to 10 minutes to complete.

Employees can take the learning and apply it to their organisation and in their personal lives.

Phriendly Phishing has even automated a part of the onboarding for you with a default learning journey that makes life easier. Check out the Years 1, 2 and 3 Learning Pathways (PPTX 6.9 MB).

Who will help me if I get stuck?

Customised, hands-on support from Phriendly Phishing’s experienced team is easy to access. You can contact support here: Submit a request – Phriendly Phishing

The CSTS team is also here to help. Email

Will it cost anything?

CSTS is fully funding Phriendly Phishing for all wānanga and PTEs and their staff for three years. Beyond this time, PTEs can discuss their subscription with the Phriendly Phishing team.

What if my organisation doesn’t use its licenses?

The fully funded Phriendly Phishing offer is only available to wānanga and PTEs and employees who will use their licenses for the full three years. Unused or inactive licenses may be revoked.

What happens if I use a personal email address (Gmail or Hotmail)?

To effectively deliver phishing simulations, Phriendly Phishing’s domains and IP’s need to be whitelisted. When using a consumer email service such as Gmail or Hotmail, whitelisting functionality is not available. In these circumstances, staff with a consumer email will still be able to access secure awareness training. They can login into the learner hub at, put in their email and use the verification code to login.

Please note, users will need to be added into the Phriendly Phishing platform before being able to login to the learner hub.

If you’re unsure if your email address falls into this category, please contact Phriendly Phishing.

Can I give a Phriendly Phishing license to one of our students?

Cyber Security for the Tertiary Sector is fully funding Phriendly Phishing licenses, for three years, for New Zealand Private Training Establishment employees only. An employee can be permanent, fixed term or a contractor. The offer does not extend to students.

Where the Phriendly Phishing platform may refer to ‘learners’ it is referencing your employees only.

Can we add our own PTE branding to the training emails sent to employees?

Yes, templates are customisable, and we recommend adding your own logo/branding to confirm your partnership with Phriendly Phishing.

You can find more information here: Customise Training Email Templates – Phriendly Phishing

I’m interested in learning more about the Phishing button. Where can I find more information?

Please refer to page 21 of the onboarding guide above – ‘Phish Reporter Configuration’ step 4.