CybEssential is here to help.

CybEssential specialises in providing Security Awareness Training and Phishing Simulations to your people. We believe that ensuring your staff are aware of current tactics used by attackers, as well as helping them learn to recognize phishing emails using our simulations, can reduce the risk to organisations.

The Security Awareness Training and Phishing portal can operate as self service, which can be handy for organisations with large security teams. Or let us do the hard work for you as your Virtual Training Managers!

Securing your most important assets,

your people.

Security Awareness Training

Get an understanding of what minimum cyber security measures you should have in place, and how you can implement and maintain them.

Show Me How!

Phishing Simulations

Learn what a phishing attack looks like, the indicators and how your team can avoid them.


Show Me How!

Common Phishing Techniques

Phishing is not just about emails, here are some of the most common phishing techniques:



An email sent to millions of individuals, requesting they fill in personal information.  Majority of these emails include an urgent notice requiring the user to enter credentials to update account information, modify details, or verify accounts. They may be prompted to fill out a form in order to gain access to a new service via a link supplied in the email.

Spear Phishing

Spear phishing, as it sounds, is significantly more focused than traditional phishing tactics. Here, the hacker is wanting more valuable information than credit card information and is targeting a specific person or organisation. They conduct research about the target in order to personalise the attack and improve their chances of success.

Content Injection

Content injection is a phishing technique in which a phisher modifies a portion of the content on a trusted website's page. This is done to trick the visitor into visiting a page that is not part of the real website and then being requested to provide personal information.



One of the most sophisticated phishing strategies is Web-Based Delivery. The hacker, often known as a "man-in-the-middle," sits between the original website and the phishing system. During a transaction between the genuine website and the user, the phisher tracks details. As the user continues to send information, the phishers collect it without the user's knowledge.

Link Manipulation

The phisher delivers a link to a bogus website using the link manipulation technique. When a consumer clicks on the phishing link, it takes them to the phisher's website rather than the one stated in the link. Users can avoid falling for link manipulation by hovering the mouse over the link to see the actual URL.

Search Engines


Some phishing schemes employ search engines to drive users to product sites that may advertise low-cost goods or services. When a consumer attempts to purchase a product by providing credit card information, the phishing site collects this information. Many bogus bank websites claim to offer low-cost credit cards or loans, but they are actually phishing sites.


Malvertising is deceptive advertising that includes active scripts that download malware or install unwanted software on your computer. The most common methods used in malvertisements are exploits in Adobe PDF and Flash.

Website Forgery

Hackers create forged websites that look exactly like authentic websites. The purpose of website forging is to trick users into entering information that can be used to defraud or initiate additional assaults on the target.

Did you know...about the government cyber security rebate?
The Australian government’s federal budget for 2022-23 allows small businesses to claim 120% tax deduction for cybersecurity? There is no better time to start investing in your people, and raising the security bar of your organisation.
Did you know...that 91% of successful data breaches started with a spear phishing attack?
Did you know...CybEssentials Security Awareness Training and Phishing Simulations are licensed together, giving you the best of both worlds.

Why our clients choose CybEssential

Pragmatic Solutions

Affordable Training


Cost of Data Breaches in Australia


The Australian Cyber Security Centre received over 67,500 cybercrime reports in the 2020-2021 financial year, about 13% more than in the previous year: see here.

The cost of these cyber incidents is significant, and it is closely linked to compliance levels. According to IBM’s 2021 Cost of a Data Breach Report, organisations with a high level of compliance failures (resulting in fines, penalties, and lawsuits) had an average cost of a data breach of $5.65 million, compared to $3.35 million for organisations with a low level of compliance failures. A difference of $2.3 million or 51.1 percent.


Train your business with CybEssential

With one of the largest libraries of Cyber Security Awareness Training content; including interactive modules, videos, games, posters and newsletters.  You can set automated training campaigns with scheduled reminder emails or even upload your own content!