7 January 2025 • Phishing
In 2026, phishing will still be the most-used method by cyber criminals to hack their way into organizations.
And no matter how good your firewall and other security measures are, every once in a while a phishing email will reach one of your employees. That’s why it’s essential to train your employees on how to recognize a phishing email and how to act once they find they’re dealing with phishing.
Old-fashioned methods such as long-winded instruction videos, PowerPoint presentations, or in-person training are often not effective. These passive methods allow employees to slack off, and simply check off the training from their to-do list.
On the other hand, anti phishing games and quizzes make for an active and fun learning experience. But with a wide variety of games on the market, it can be difficult to figure out which game fits your team best.
In this article, I’ll share the best anti phishing games out there. Let’s dive in!
The best phishing games for employees in 2024
- Guardey
- Phishing Quiz: Jigsaw
- CSI: Phishing Game
- ProProfs Quizzes
- Infosequre
- IT Governance
- Egress
1. Guardey

Guardey is a security awareness game built especially for employee training. During weekly challenges that take three minutes to complete, employees learn about cyber security in a playful manner. Because employees are actively learning about security every week, they slowly build up knowledge and tangible behavior change takes place.
One of the main topics of Guardey’s training content is phishing. You learn about social engineering principles and get challenged to figure out which emails are real and which are phishing.
Every Guardey user starts the game by founding their own fictional company. By playing the challenges, they get to improve their reputation and earn money. In the leaderboard, users can see which colleagues are getting the best scores in the game. They can also win badges. These gamification elements make for great participation rates.
Guardey is a great pick for any organization that wants to drive lasting behavior change in their employees. But if you’re looking for a one-time quiz, this is not the best pick for you.
Pros
- Built on gamification principles
- Weekly challenges that take 3 minutes
- Also offers a phishing simulation module
- Comes with a native mobile app for frontline workers
Cons
- It’s not free, but comes with a 14-day free trial
Request a demo of Guardey
2. Phishing quiz: Jigsaw
If you’re looking for a phishing game that is completely focused on phishing, this quiz by Jigsaw is worth a try. What strikes me first is the beautifully straightforward design. Many of the games I come across are simply poorly designed. Designers often opt for overly childish and busy designs because of the word ‘game’, but that’s not the case here.
The quiz questions are also of high quality. Every challenge is followed up by to-the-point feedback that teaches you what you did right or wrong.
There’s one issue with this quiz. With 8 questions, it’s on the short side. This can be fun to boost employee awareness once, but this awareness will quickly wear off. Real behavior change only happens after regular training.
But if you’re looking for a one-off quiz, this is a good one.
Pros
- Free
- Get started in one minute
- Beautiful design
Cons
- Only focused on phishing
- Not a long-term training solution (only 8 questions)
📚 Related: Discover the 16 best security awareness games
3. CSI: Phishing Game
As the name of this anti phishing game suggests, you will take on the role of investigator in CSI: Phishing. The organization you work for has been breached and it is your job to find out where the attack came from. You get access to the organization’s social media accounts, emails, and so on.
By judging the messages, you get to spot which messages are phishing and which aren’t.
You can’t try out this game for free, so you’ll need to request a demo on their website to learn more about it. The costs are also not available on the website.
Pros
- Creative concept
- Good questions
Cons
- No transparent pricing
- No free trial
4. Proprofs User-generated Quizzes
Proprofs is a website that enables its users to create their own quizzes. As a result, there are also a bunch of phishing-related quizzes on the platform. With a wide variety of choices, there are a couple of good ones and a couple of not-so-good ones.
The issue with these user-generated quizzes is that you have no idea who put them together. In the case of Guardey, the game questions are put together by cyber security specialists and educationalists. In these cases, it could be the outcome of a student project.
Either way, it’s worth taking a look.
Pros
- Wide variety of quizzes
- Free to play
Cons
- User-generated, so quality is unclear
- Not for regular training
📚 Related: How to use the power of gamification in security awareness programs
5. Infosequre
In Infosequre’s phishing game, users are challenged by an AI bot that sends simulated phishing emails. Participants must quickly identify which emails are suspicious and explain why. Through repeated practice, users develop the ability to recognize phishing attempts instinctively, reducing the risk of careless clicks.
For more information about pricing or to see what the game actually looks like, you can contact Infosequre’s sales team.
Pros
- Fun way to learn how to recognize phishing
Cons
- The gameplay can become a bit repetitive
- There is no leaderboard or other gamification elements
6. IT Governance
IT Governance offers a phishing game that focuses on four main learning points: the dangers of clicking suspicious attachments, how to spot a phishing email, what to do after clicking on something you shouldn’t have clicked, how to report phishing and other cyber attacks.
The game seems to lack any further gamification elements such as a leaderboard or trophies. A nice pro is that they offer an LMS that enables you to prove compliance with your cyber insurance policies or information security directives.
If you want to learn more about their pricing, you can visit their website. By filling in the number of users you are going to sign up, you get an estimation.
Pros
- Comes with a learning management system
- In-depth training
Cons
- Not fully gamified
- No free trial of the product
7. Egress
Egress, which is a company by KnowBe4, offers another fun, one-time phishing quiz. It’s only 8 questions long, which makes for an effective reminder of the importance of phishing awareness. However, if you’re looking for a long-time training solution, this is not the tool you’re looking for.
The game is straightforward. You get to see an email and then have to decide whether it’s a phishing email or not. We like the simplicity of it, but are not so much a fan of the rest of the gameplay. First of all, you don’t get feedback after every question and don’t learn whether your answer was even correct or not. Also, the examples don’t include the address of the sender, which is a very important aspect to look out for in any phishing email.
Pros
- Free to play
- Suitable for short and sweet reminders
Cons
- No direct feedback after each question
- The phishing examples are not complex enough
Drive employee behavior change Guardey’s anti phishing game
If you’re looking for a game to play once or twice with colleagues, any of the above options will do just fine.
But if you want to use gamification to drive real behavior change and protect your company from data breaches — Guardey is the best bang for your buck.