This article will take you through employee badges and leaderboard functionality. This functionality is enabled by default on the Reporting page and is updated every 24 hours (or through a manual refresh).

1. What are Employee Badges?

CanIPhish will apply a variety of different badges to employees participating in phishing or training campaigns. These badges are designed to add an element of gamification to the platform, rewarding employees for good behaviors such as avoiding phishing emails, completing trainings quickly, and much more.

Each badge provides a varied number of points based on the difficulty of obtaining the badge.

2. What is the Employee Leaderboard?

Administrators of the CanIPhish platform have access to view the raw leaderboard showing the top-ranking employees based on badge points along with the badges they've earned. This can be used by administrators or managers to reward or incentivize good behavior. See below for example reward programs.

Your company leaderboard can be accessed via the Dashboard by clicking the 'View More' link in the Employee Leaderboard tile or by navigating to Reporting > Employee Information > Employee Leaderboard.

3. What badges can an employee earn?

The badges an employee can earn, the criteria, badge type, and points awarded are listed below:

Badge ID	Badge Image	Badge Name	Badge Description	Badge Type	Badge Score
1		Unphishable	Never clicked on a phishing email	Phishing	50
2		Swimming with floaties	Successfully dodged the latest phishing attack	Phishing	5
3		Swimming with dolphins	Successfully dodged 2 phishing attacks in a row	Phishing	10
4		Swimming with jellyfish	Successfully dodged 5 phishing attacks in a row	Phishing	20
5		Swimming with sharks	Successfully dodged 10 phishing attacks in a row	Phishing	50
6		PhD in Phishology	Completed all training modules on the first attempt	Training	25
7		Marathon swimmer	Completed all training modules before the due date	Training	15
8		Sonar detector	Completed a training module within 1 day of receiving it	Training	10
9		Anchor duty	Completed all training modules within 1 day of receiving them	Training	50
10		School of phish	Failed a training module but then passed with 100%	Training	5
11		Phish finder	Successfully reported a simulated phishing email	Phishing	10
12		Phish whisperer	Successfully reported 2 simulated phishing emails	Phishing	20
13		Spam samurai	Successfully reported 5 simulated phishing emails	Phishing	50
14		Clickbait	Clicked on an email but reported it to IT	Phishing	10
15		Phish bait	Fell for two phishing attacks in a row	Phishing	-5
16		Phish food	Fell for five phishing attacks in a row	Phishing	-10
17		Phish fingers	Fell for ten phishing attacks in a row	Phishing	-25
18		Overboard!	2 assigned trainings are overdue	Training	-5
19		Lost at sea	3 assigned trainings are overdue	Training	-10
20		Shipwrecked	5 assigned trainings are overdue	Training	-25

Looking to call out your top learners? Don't forget to use some of our top phishing memes to help lift spirits!

Example Reward/Incentive Programs

Example 1: Using Hard-To-Achieve Badges for Ongoing Incentives

An ongoing incentive that any employee who reaches the coveted "Swimming with Sharks" badge (if you dodge 10 phishing attacks in a row) receives a gift voucher.

Example 2: Team Competitions with Leaderboards

Incorporate a competitive edge by organizing team-based challenges where groups compete to earn badges, contributing to an overall team score. The highest-scoring team each quarter could be rewarded with incentives like a team lunch or a day off, boosting morale and collective effort.

Example 3: Annual Awards for Top Performers

Implement an annual awards program to honor the top 3 performers who demonstrate exceptional skill in cybersecurity training and phishing detection by accumulating the most points throughout the year.