Phishing Training No. 3

Welcome to Phishing Training No.3, a quirky, Stanley-Parable indie game where you play as disgruntled employee Stanley being guided through the ins and outs of phishing attacks in his dreary office.

Comment

Inspiration

One of the biggest issues we face today is phishing. Those sneaky, fake emails that trick people into giving up personal information and using that information to do harmful things. It’s a serious problem, and despite all the warnings, people still get caught off guard. So, we asked ourselves: how can we really help people understand phishing and protect themselves from these scams?

Then, we had a breakthrough: what if we made learning about phishing fun? Instead of the usual boring lessons, we could turn it into a game. By gamifying phishing education, we can teach people to spot suspicious emails and avoid them, but in a way that's engaging and memorable. Gamifying this process makes it easier to learn and practice in a safe, fun environment.

What it does

Our project takes a fresh approach to phishing education by successfully gamifying the process. It begins with a character named Stanley, who finds himself in a gloomy, dimly lit office at a company called SadCorp. Due to a significant rise in phishing emails, SadCorp has developed a virtual trainer to help employees like Stanley navigate the threat. The trainer guides Stanley (the player) through five emails, providing detailed instruction on how to identify phishing attempts. Once you’ve completed these training emails, you’re on your own, facing a series of new emails where you must decide whether they’re legitimate or fraudulent.

What makes this approach so engaging is the immersive environment we’ve created. The office is intentionally designed to feel bleak and depressing, complete with subtle but impactful details—a solitary family photo of just Stanley, a half-empty bookshelf with one book lying on the desk, a spilled mug, and other signs of disarray. Even the flickering sound of a fluorescent light hums in the background, enhancing the atmosphere. Players can explore this space by scrolling around, uncovering these little touches that contribute to the sad, corporate mood.

As players interact with the screen, the narrator provides real-time guidance, explaining the do's and don'ts of phishing emails. After the initial five emails, the game shifts—players continue to receive emails but must now rely on what they’ve learned to determine if they're phishing attempts. The app offers feedback if a mistake is made, ensuring that players can learn from their errors and become better equipped to handle these scams in the real world.

By gamifying phishing detection, our project not only incentivizes students and players to actively engage with the material but also helps build practical skills in a fun and memorable way. We believe this method revolutionizes the way people learn about phishing, while maintaining a unique and carefully crafted aesthetic throughout the experience.

How we built it

• Unity • C# for scripting on Unity • Python for scripting and scraping emails • Blender to create models of the workspace

Challenges we ran into

Unity, C# and blender is quite new to me and my team, we struggled with modeling all items. Scripting in C# was also pretty complex for us.

Accomplishments that we're proud of

Every change we made on unity that resulted in a better-looking canvas, every script that we attached and got to work was an accomplishment in itself, since we’re 4 freshmen on a team that made a project this complex on unity. We’re proud of being able to finish coding this project and making it work. We’re proud of being able to work in a team with no conflicts and help each other through bugs and errors.

What we learned

Unity has been fairly complex for a person who is using it for the first time. We learnt how to use unity, C#, and blender a lot better.

What's next for Phishing Training #3

We're going to advance this program to be made more challenging and add a story mode for the game.

Share this project:

Updates