Quick Start Guide

Welcome to your Security Awareness Platform! Whether you’re just getting started or need a quick refresher, this guide walks you through the key steps for a smooth setup to launch effective phishing simulations and training campaigns.

In This Article:

  1. Onboarding Tour Video
  2. Sign In
  3. Whitelisting
  4. Set up Phish Reporter
  5. Test Phishing Campaign
  6. Importing Learners
  7. Creating Departments
  8. Launching a Baseline Phishing Test
  9. Internal Communications
  10. Creating a Training Campaign
  11. Campaign Monitoring & Reporting
  12. Public Portal

Onboarding Tour Video

Start your journey with a quick tour! This video gives you a glimpse of the platform’s core features and shows how to kick off your awareness training. Great for first-time users.

Sign In

Your journey begins with your Manager Welcome Email. Use the link provided to sign in and set up your account.

Alternatively:

Whitelisting

First things first - Ensure Successful Email Delivery.

Before sending out any phishing simulations or training content, complete the whitelisting process to prevent emails from being blocked or marked as spam.

Whitelisting Steps:

  1. Start with the Whitelisting Basics guide to understand the overall process.
  2. Whitelist platform domains using the Whitelisting Technical Information guide.
  3. Check your organisation’s current email security and spam filtering setup.
  4. If you use a cloud-based spam filter, ensure domains are whitelisted at the filter level.
  5. If you have additional email security layers (e.g., Microsoft Defender, Bitdefender, ESET), refer to the relevant System - Specific Whitelisting Guides.

Note: Always whitelist by domain where possible. IP-based whitelisting should only be used if required.

Need more info? Visit our Understanding the difference: Email Domain vs App Domain Whitelisting guide.

Set up Phish Reporter

Encourage learners to report suspicious emails using the Phish Reporter. This simple step builds lasting awareness and provides measurable insight into learner behaviour.

Why it matters: Reporting is the behaviour change that counts. It’s not just about who clicks - it’s about who reports. A learner flagging a dodgy email shows critical thinking in action. That’s your real return on investment.

Choose the setup that suits your organisation:

Manual Forwarding:

  • Create an internal mailbox (e.g. phishreport@yourdomain.com).
  • Set it to automatically forward all reported emails to the platform’s phishing report address.
  • This ensures reports are tracked and included in your campaign metrics.

Microsoft Report Button:

  • Microsoft’s built-in 'Report Phishing' button makes reporting easy and seamless.
  • It allows your organisation to monitor learner-reported emails internally while still tracking phishing simulation results in the platform.

Need a hand with setup? Visit our Phish Reporter Guide for detailed guidance.

Test Phishing Campaign

After whitelisting, run a test campaign to ensure emails are reaching inboxes before your broader rollout.

  • Run a small-scale test campaign using two or three admin users.
  • Check that phishing emails are delivered, and reported emails are tracked in campaign results.
  • Delete the test campaign afterwards to avoid skewing data.

Importing Learners

Easily get your learners onto the platform in a few simple steps.

Ways to Import Learners:

  • Log in and access your  'Admin dashboard'
  • Navigate to the 'Users' section, 
  • Click 'Add Users' (top-right corner), and choose:
  1. Manually 'Add User' one at a time,
  2. 'Import Users' in bulk via a CSV file, or 
  3. 'Sync Users' using Active Directory Integration.

Need more info? Visit our Adding New Learners Guide.

Creating Departments

Organising learners by departments helps track progress across teams and tailor campaigns to specific groups.

Two ways to set this up:

  1. CSV Method: Include department names in your CSV file – they’ll be created automatically.
  2. Manual Setup:
  • Go to the 'Users' section.
  • Select the 'Departments' tab.
  • Click 'Create Department'.

Need help? Visit our Creating Departments Guide for step-by-step instructions.

Launching a Baseline Phishing Test

A baseline phishing test helps you assess your organisation’s current readiness against phishing attacks. Run this test before launching any training campaigns.

How to Launch a Baseline Phishing Test:

  • Navigate to the 'Phishing' section.
  • Select the 'Campaigns' tab.
  • Click 'Create Campaign' and follow the setup wizard.
  • Select 'No Training' during setup – learners shouldn’t be aware of the test.
  • If a learner clicks, they’ll land on a generic page (e.g. a 404 error page).

Need help? Visit our Phishing Guides.

Internal Communications

Once your baseline test is complete, it’s the perfect time to introduce the awareness programme to your learners.

  • Start by sending a friendly, informative launch email explaining the purpose and importance of training.
  • Keep it clear, calm, and approachable - this isn’t about fear. It’s about building confidence and awareness.
  • If you've set up Phish Reporter (via the Microsoft Report Button or manual forwarding), now’s the time to encourage learners to start reporting suspicious emails. This reinforces behaviour change from the start.

Need help crafting your message? We’ve got ready-to-use templates in our Employee Communications Guide.

Creating a Training Campaign

Training campaigns are the core of your awareness efforts. These help reinforce key behaviours and keep security top of mind.

Best Practices:

  • Run campaigns regularly throughout the year to maintain momentum.
  • Avoid cramming all training into one annual push - smaller, consistent learning moments are more effective.

What to Expect:

Learners will only receive system emails once their first training campaign is launched. These include:

  • Learner Welcome Email: Sent to new learners with login details.
  • Training Campaign Welcome Email: Sent when new training is assigned.

How to Create a Training Campaign:

  • Navigate to the 'Training ' section.
  • Select the 'Campaigns' tab
  • Click 'Create Campaign' and follow the setup wizard.

Need help? Visit our Training Campaign Guides

Note:

  • The learner onboarding email contains a secure login token that is only valid for 7 days.
  • If a learner tries to log in for the first time after this period, they'll see a "Failed to Activate Account" message.
  • To resolve this, they simply need to reset their password to receive a new onboarding email.

Need help? Visit our troubleshooting guides:

Campaign Monitoring & Reporting

Once your campaigns are live, keep track of their progress and performance.

How to Access Reports:

  • Navigate to the 'Reports' section.
  • Choose 'Phishing Campaigns' or 'Training Campaigns'.
  • Select your format: CSV for detailed data or PDF for summaries.
  • Click the 'Get Report' to download.

Need more info? Visit our Reporting Guides for deeper insights.

Public Portal

We’ve put together a powerful collection of value-added communication assets to help support your awareness rollout - and they're all available in our Public Portal.

You’ll find a full January-December communication calendar packed with posters, infographics, cyber tips, and campaign collateral. These are designed to help break up training into bite-sized themes and keep learning consistent and top of mind.

Many organisations use these tools in creative ways - whether it's Digitally or in Office: posters, screensavers, internal newsletters, instant messages, or even a “Cyber Tip ”sent out on a Monday by management.

Use them to map out a super-easy annual rollout plan that complements your online training and phishing simulations, creating a well-rounded, 360° awareness experience.

🎁 And yes - it's all completely free.

👉 Head over to the Public Portal to explore and download.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us

Related Articles