Schedule a Demo
Back to Resource Center

The 5 best anti phishing games and quizzes for employees

In 2024, phishing will still be the most-used method by cyber criminals to hack their way into organizations.

And no matter how good your firewall and other security measures are, every once in a while a phishing email will reach one of your employees. That’s why it’s essential to train your employees on how to recognize a phishing email and how to act once they find they’re dealing with phishing.

Old-fashioned methods such as long-winded instruction videos, PowerPoint presentations, or in-person training are often not effective. These passive methods allow employees to slack off, and simply check off the training from their to-do list.

On the other hand, anti phishing games and quizzes make for an active and fun learning experience. But with a wide variety of games on the market, it can be difficult to figure out which game fits your team best.

In this article, I’ll share the best anti phishing games out there. Let’s dive in!

The best phishing games for employees in 2024

  • Guardey
  • Phishing Quiz: Jigsaw
  • CSI: Phishing Game
  • FTC’s Phishing Quiz
  • Missing Link
  • ProProfs Quizzes

1. Guardey

Guardey is a security awareness game built especially for employee training. During weekly challenges that take three minutes to complete, employees learn about cyber security in a playful manner. Because employees are actively learning about security every week, they slowly build up knowledge and tangible behavior change takes place.

One of the main topics of Guardey’s training content is phishing. You learn about the principles of social engineering and get challenged to figure out which emails are real and which ones are phishing. After each question in the challenge, users get in-depth feedback and insights about what they did right or wrong. Other training topics include password security, ransomware, deepfakes, and more.

Every Guardey user starts the game by founding their own fictional company. By playing the challenges, they get to improve their reputation and earn money. In the leaderboard, users can see which colleagues are getting the best scores in the game. They can also win badges. These gamification elements make for great participation rates.

Guardey is a great pick for any organization that wants to drive lasting behavior change in their employees. But if you’re looking for a one-time quiz, this is not the best pick for you.


  • Built on gamification
  • Weekly challenges that take 3 minutes
  • Ability to customize content


  • It’s not free, but comes with a 14-day free trial

Start a free Guardey trial

2. Phishing quiz: Jigsaw

If you’re looking for a phishing game that is completely focused on phishing, this quiz by Jigsaw is worth a try. What strikes me first is the beautifully straightforward design. Many of the games I come across are simply poorly designed. Designers often opt for overly childish and busy designs because of the word ‘game’, but that’s not the case here.

The quiz questions are also of high quality. Every challenge is followed up by to-the-point feedback that teaches you what you did right or wrong.

There’s one issue with this quiz. With 8 questions, it’s on the short side. This can be fun to boost employee awareness once, but this awareness will quickly wear off. Real behavior change only happens after regular training.

But if you’re looking for a one-off quiz, this is a good one.


  • Free
  • Get started in one minute
  • Beautiful design


  • Only focused on phishing
  • Not a long-term training solution (only 8 questions)

3. CSI: Phishing Game

As the name of this anti phishing game suggests, you will take on the role of investigator in CSI: Phishing. The organization you work for has been breached and it is your job to find out where the attack came from. You get access to the organization’s social media accounts, emails, and so on.

By judging the messages, you get to spot which messages are phishing and which aren’t.

You can’t try out this game for free, so you’ll need to request a demo on their website to learn more about it. The costs are also not available on the website.


  • Creative concept
  • Good questions


  • No transparent pricing
  • No free trial

4. Missing Link

Another fun quiz that works well if you’re looking for a one-off. This phishing quiz was put together by an American university and can be played for free by anyone.

In the example above, you’re asked to point out the clues that prove you’re looking at a phishing email. After doing so, you get an explanation for each clue. This direct feedback is a great way to learn.

Since it’s a short quiz, this is a fun cyber awareness boost for your team, but can’t be viewed as a proper training solution.


  • Free to play
  • Fun way to learn


  • Not suitable for recurring training
  • Only focuses on phishing

5. Proprofs User-generated Quizzes

Proprofs is a website that enables its users to create their own quizzes. As a result, there are also a bunch of phishing-related quizzes on the platform. With a wide variety of choices, there are a couple of good ones and a couple of not-so-good ones.

The issue with these user-generated quizzes is that you have no idea who put them together. In the case of Guardey, the game questions are put together by cyber security specialists and educationalists. In these cases, it could be the outcome of a student project.

Either way, it’s worth taking a look.


  • Wide variety of quizzes
  • Free to play


  • User-generated, so quality is unclear
  • Not for regular training

Drive employee behavior change Guardey’s anti phishing game

If you’re looking for a game to play once or twice with colleagues, any of the above options will do just fine.

But if you want to use gamification to drive real behavior change and protect your company from data breaches — Guardey is the best bang for your buck.

Don’t let hackers outsmart you. Try Guardey for free.

Frequently Asked Questions

What is gamification?

Gamification is adding game elements into non-game environments, such as security awareness training, to increase participation and foster active learning.

What are the benefits of gamification in security awareness training?

Traditional security awareness training can often be dry and boring. With gamification, the complex subject matter is transformed into an engaging and memorable experience.

By integrating game elements such as challenges, quizzes and rewards, it incentivizes users to actively learn. This makes the training more enjoyable and fosters a sense of competition and achievement. This combination drives better retention and application of cyber security knowledge.

Why is it important to train security awareness on a weekly basis?

Research shows that up to 90% of the learnings from yearly or even quarterly training are forgotten within a few weeks. Guardey was built to keep its users aware of cyber threats 365 days a year. The game comes with short, weekly challenges that slowly builds up the user’s knowledge and eventually drives lasting behavior change.

Which topics are covered in Guardey’s security awareness game?

Guardey covers a wide array of topics to train users about all currently relevant cyber threats, put together in collaboration with ethical hackers and educationalists. The topics covered include phishing, remote work, password security, CEO fraud, ransomware, smishing, and much more.

How much time do the weekly challenges take?

Every challenge takes up to three minutes to complete.

Can I use Guardey to comply with the ISO27001, NIS2, and GDPR security awareness policies?

Yes. ISO27001, NIS2, and GDPR all require that all employees receive appropriate security awareness training. Guardey is always up-to-date with the latest cyber threats, policies, and procedures.

Is security awareness training important for all employees, or just specific roles?

Cybersecurity awareness training is crucial for all employees, not just specific roles. Every staff member can potentially be a target or an unwitting entry point for cyber attacks. Training helps create a security-focused culture and minimizes risks for the entire organization.

While certain roles may require specialized training, a foundational level of training should be accessible to everyone.

In which languages is Guardey available?

Guardey is available in English, Dutch, Italian, French, Spanish, German, Polish, Swedish and Danish.

Want to ask more questions?
Get a personal demo

Get the latest resources & news, delivered directly to your inbox.

Anouk CTA Guardey website

Let's protect your business!

  • Try completely risk free
  • 24/7 support
Start 14-day free trial