Training courses and simulations

This article lists the course modules assigned to protected users through the standard 12-month security awareness training plan, or assigned as a result of failing a phishing simulation (see Assigned courses).

Courses are provisioned according to the cloud application a user is connected through. A Microsoft 365 (M365) user is enrolled on a plan tailored to that service, whereas a Google Workspace user is enrolled on a separate plan tailored to that service. If a user is connected through both applications, Coro presents a hybrid plan designed for this scenario.

Important

Admin users cannot change or cancel an active plan in this initial version of Coro SAT. If you enable training for M365 users, but later add further users from Google Workspace, you cannot configure Coro SAT to provide the hybrid plan instead of the M365 plan. All users connected through all cloud applications continue on the M365 plan until completion.

Standard 12-month plan courses

Each plan listed here shows the monthly course modules assigned to protected users from the relevant cloud application.

Users also receive the named phishing simulation by email. If they fail that simulation, they are automatically enrolled into the corresponding assigned course in addition to the plan course for that month.

Microsoft 365 user plan

Month	Course title	Description	Simulation	Assigned course
1	Cyber Security Fundamentals	A foundation course covering key fundamentals of cybersecurity, outlining what users should look out for and when, helping them to navigate the web safely.	Amazon gift card	Credit card fraud
2	Phishing 101	A back-to-basics review of phishing attacks, covering key examples of how cybercriminals target and launch phishing attacks and the key red flags users should look out for.	OneDrive account deletion (two stage)	Ransomware
3	Remote Working	An introductory course on best practices when remote working, and what users can do to ensure security risks are minimized.	O365 file share	Go Phish
4	Social Engineering	Socially engineered attacks aim to manipulate targets into giving away confidential information. This course explains what to look out for and how to identify a potential social engineering attack, helping users to avoid being manipulated online.	LinkedIn verify	Social Media
5	Managing passwords	This course explains the difference between passwords and passphrases and how to manage them safely and responsibly.	Microsoft password reset	Passwords
6	Malware	An introduction to malicious software, the forms that it comes in, and how to avoid it. This course takes users through the various types of malware, and teaches them how to identify threats and what to do if their device becomes infected.	Dropbox document shared	Safe internet usage
7	Investigating threats posed by AI (inc. ChatGPT)	A closer look at how recent advancements in Artificial Intelligence (AI) are being used by cybercriminals to gain advantage over their victims. This course looks at ChatGPT along with other iterations of AI to help users understand how this technology can be used against them.	AI work pension	Spear phishing
8	Debunking Cyber Myths	Debunking the five most-believed cybersecurity myths and explaining why users shouldn’t believe everything they hear.	Amazon sign-in detected without hints	Online scams
9	An introduction to Deepfakes	An introduction to deepfakes, what they are, and how to stay vigilant online to identify their usage.	Uber credit	Online self-defence
10	Physical Devices	In addition to typical targets such as computers and phones, devices like printers, scanners, and USB storage drives are also at risk of cyber attacks. This course shows users how to ensure all devices they might engage with are safe, and what to do if they suspect a device might be compromised.	Microsoft security alert	Workplace security
11	Understanding Cyber Impersonation Tactics	This course offers further insight into how cybercriminals can impersonate users or known brands, including some key tips on how to verify them.	Starbucks coffee voucher	Personal security
12	Account Takeover	An account takeover occurs when a cybercriminal poses as a genuine customer, gains control of an account, and then makes unauthorized purchases. This course shows users how to avoid these attacks and how to stop their accounts being compromised.	Microsoft Teams notification	Identity theft

Google Workspace user plan

Month	Course title	Description	Simulation	Assigned course
1	Cyber Security Fundamentals	A foundation course covering key fundamentals of cybersecurity, outlining what users should look out for and when, helping them to navigate the web safely.	Amazon gift card	Credit card fraud
2	Phishing 101	A back-to-basics review of phishing attacks, covering key examples of how cybercriminals target and launch phishing attacks and the key red flags users should look out for.	Google account deletion	Go Phish
3	Remote Working	An introductory course on best practices when remote working, and what users can do to ensure security risks are minimized.	Google Drive file share (two stage)	Ransomware
4	Social Engineering	Socially engineered attacks aim to manipulate targets into giving away confidential information. This course explains what to look out for and how to identify a potential social engineering attack, helping users to avoid being manipulated online.	LinkedIn verify	Social Media
5	Managing passwords	This course explains the difference between passwords and passphrases and how to manage them safely and responsibly.	Google password reset	Passwords
6	Malware	An introduction to malicious software, the forms that it comes in, and how to avoid it. This course takes users through the various types of malware, and teaches them how to identify threats and what to do if their device becomes infected.	Dropbox document shared	Safe internet usage
7	Investigating threats posed by AI (inc. ChatGPT)	A closer look at how recent advancements in Artificial Intelligence (AI) are being used by cybercriminals to gain advantage over their victims. This course looks at ChatGPT along with other iterations of AI to help users understand how this technology can be used against them.	AI work pension	Spear phishing
8	Debunking Cyber Myths	Debunking the five most-believed cybersecurity myths and explaining why users shouldn’t believe everything they hear.	Amazon sign-in detected without hints	Online scams
9	An introduction to Deepfakes	An introduction to deepfakes, what they are, and how to stay vigilant online to identify their usage.	Uber credit	Online self-defence
10	Physical Devices	In addition to typical targets such as computers and phones, devices like printers, scanners, and USB storage drives are also at risk of cyber attacks. This course shows users how to ensure all devices they might engage with are safe, and what to do if they suspect a device might be compromised.	Google security alert	Workplace security
11	Understanding Cyber Impersonation Tactics	This course offers further insight into how cybercriminals can impersonate users or known brands, including some key tips on how to verify them.	Starbucks coffee voucher	Personal security
12	Account Takeover	An account takeover occurs when a cybercriminal poses as a genuine customer, gains control of an account, and then makes unauthorized purchases. This course shows users how to avoid these attacks and how to stop their accounts being compromised.	Google Meet notification	Identity theft

Hybrid plan

Month	Course title	Description	Simulation	Assigned course
1	Cyber Security Fundamentals	A foundation course covering key fundamentals of cybersecurity, outlining what users should look out for and when, helping them to navigate the web safely.	Amazon gift card	Credit card fraud
2	Phishing 101	A back-to-basics review of phishing attacks, covering key examples of how cybercriminals target and launch phishing attacks and the key red flags users should look out for.	OneDrive account deletion	Go Phish
3	Remote Working	An introductory course on best practices when remote working, and what users can do to ensure security risks are minimized.	Google Drive file share (two stage)	Ransomware
4	Social Engineering	Socially engineered attacks aim to manipulate targets into giving away confidential information. This course explains what to look out for and how to identify a potential social engineering attack, helping users to avoid being manipulated online.	LinkedIn verify	Social Media
5	Managing passwords	This course explains the difference between passwords and passphrases and how to manage them safely and responsibly.	Microsoft password reset	Passwords
6	Malware	An introduction to malicious software, the forms that it comes in, and how to avoid it. This course takes users through the various types of malware, and teaches them how to identify threats and what to do if their device becomes infected.	Dropbox document shared	Safe internet usage
7	Investigating threats posed by AI (inc. ChatGPT)	A closer look at how recent advancements in Artificial Intelligence (AI) are being used by cybercriminals to gain advantage over their victims. This course looks at ChatGPT along with other iterations of AI to help users understand how this technology can be used against them.	AI work pension	Spear phishing
8	Debunking Cyber Myths	Debunking the five most-believed cybersecurity myths and explaining why users shouldn’t believe everything they hear.	Amazon sign-in detected without hints	Online scams
9	An introduction to Deepfakes	An introduction to deepfakes, what they are, and how to stay vigilant online to identify their usage.	Uber credit	Online self-defence
10	Physical Devices	In addition to typical targets such as computers and phones, devices like printers, scanners, and USB storage drives are also at risk of cyber attacks. This course shows users how to ensure all devices they might engage with are safe, and what to do if they suspect a device might be compromised.	Google security alert	Workplace security
11	Understanding Cyber Impersonation Tactics	This course offers further insight into how cybercriminals can impersonate users or known brands, including some key tips on how to verify them.	Starbucks coffee voucher	Personal security
12	Account Takeover	An account takeover occurs when a cybercriminal poses as a genuine customer, gains control of an account, and then makes unauthorized purchases. This course shows users how to avoid these attacks and how to stop their accounts being compromised.	Microsoft Teams notification	Identity theft

Assigned courses

This section lists courses that Coro automatically assigns to users that fail a phishing simulation. To view the simulations that trigger these assignments, refer to the Standard 12-month plan courses.

Assigned course	Description
Credit Card Fraud	A true story on credit card fraud and how to avoid it, analyzing the three main ways credit cards can be used by cybercriminals.
Go Phish	A game to test user awareness of phishing emails and to see if they can identify the phishing emails from real emails. Users can apply this knowledge to their everyday life when receiving and checking emails to ensure they never click on anything they shouldn’t.
Identity Theft	A look into identity theft, how someone’s identity can be stolen online, what it can then be used for, and how to avoid it.
Online Scams	An overview of common online scams, including a focus on holiday scamming and how users can identify and avoid these tricks.
Online Self Defence	A general update on how users can defend themselves online, reviewing lessons learned in earlier modules and taking a closer look at passwords and malicious websites.
Passwords	This course covers setting and managing passwords effectively. Passwords are often the starting point for everything users do online, so having a safe and unique password is vital for protecting user accounts.
Personal Security	A course looking at how human error plays a role in cyber attacks and what practices can be used in day-to-day life to defend individuals from cyber crime (for example, multi-factor authentication and password refresher).
Ransomware	Ransomware is a type of malicious software that threatens to expose a user's private data unless a fee is paid. This can be extremely dangerous as a victim not only risks losing information, but there is never a guarantee that the money paid to get it back will work. This course identifies how ransomware is used and what to do if a user suspects they have been compromised.
Safe Internet Usage	A general overview of best practices, such as avoiding phishing emails, trusting physical devices, identifying GDPR breaches, and more. This course is a fundamental guide to staying safe online.
Social Media	Social media can be a useful resource for cybercriminals. This course provides an overview of the risks, and provides advice on how to ensure users are posting wisely and not giving away any information that can be exploited or used for an attack.
Spear Phishing	A closer look at spear phishing – a targeted type of phishing attack. This course covers who is most at risk and protection methods users can implement to keep them safe from a spear phishing attack.
Workplace Security	How users can defend themselves in the workplace, including tailgating, use of key cards, data privacy/handling and the use of both work and personal devices.