How 3 minutes of SoSafe Awareness Training per week helped Freudenberg respond to a €2 million near-miss fraud attempt

Freudenberg Home and Cleaning Solutions GmbH made security awareness part of the culture by bringing learning straight to employees’ inboxes.

Click rate:

82.5% drop (in 18 months)

Employee rating:

4.8/5

Onboarding time:

2 days

Products used:

• Personalized micro-learning
• Multi-channel Phishing Simulations and Phishing Report Button

Book a demo

Freudenberg Home and Cleaning Solutions GmbH, part of the family-owned Freudenberg Group, is best known for household names like Vileda®. Backed by a 170-year legacy that began as a tannery in Weinheim, the group has evolved into a global technology powerhouse, active in 40 markets worldwide. SoSafe collaborated with Martin Schmidt, Global Director of Digital Advisory, to help Freudenberg build cybersecurity awareness across their organisation.

At HuFiCon 2022, Martin took to the stage to share Freudenberg’s journey as a multinational company building a cybersecurity culture that is not only resilient, but deeply collaborative. Three years later, Freudenberg’s people are now its human firewall. This is the story of how they got there – through micro-learning, healthy competition, and a human-first approach.

If cyberthreats get personal, so should learning

Back in 2018, Freudenberg came close to losing around £2 million due to a classic CEO fraud. They were targeted with a fake “confidential acquisition” email, pressure calls, and even a forged invoice – all within three hours.

This incident triggered them to look deeper into their setup. While Freudenberg’s IT infrastructure was in place, the attempted attack slipped through its people. Humans are able to spot red flags, but sometimes a small slip-up based on trust or hesitation can lead to cyberattacks. That’s where the real gap was.

Closing that gap starts with awareness. It’s about helping people understand what threats look like, how to spot them, how to stay ahead, and what to do if something slips through.

Martin and his team – whose mission is to train employees not just with digital tools, but also with behavioural competencies – approached this incident with humans front and centre.

His experience with traditional classroom settings and voluntary trainings revealed a hard truth: the attendance was poor. Gathering people in one place, getting managers on board, and tracking sign-ups and follow-ups just wasn’t working. But are employees naturally resistant to training? Not necessarily – especially if you bring the training to them, Martin thought. “Bringing the challenge to the users into their mailboxes, into their daily life, is the only way I think you can actually have full participation.”

Martin and his team saw something we all experience but rarely pause to question: our limited motivation and capacity to learn because of information overload. As Martin noted,“…it is important that you have a good concept of how to bring knowledge to the people that they actually consume, and learn it, and internalise it.” In a constant stream of content, it’s easy to tune out things that don’t seem urgent. But it often takes failure – like the fraudulent call they nearly fell for – to wake us up to the cost of that habit.

Martin recommends: “Carve out and really reserve space for learning. Cut learning into very small pieces – micro-learning – and present it, for instance, at the point of failure, which then makes clear that the motivation’s very high to learn. So give it in five-minute slices and it will fit into a very busy workday. Failure ensures that there is high motivation to learn – everybody wants to learn from their mistakes.”

SoSafe’s Personalised Micro-learning is built on behavioural science and designed to adapt. It delivers ready-to-use, bite-sized cybersecurity training that fits into daily workflows.

Each user receives a personalised learning path tailored to their needs, keeping content relevant, and engaging. Gamification adds challenge, recognition, and momentum – so learning feels less like a task and more like progress. The result? Awareness that lasts, compliance that keeps up, and teams that stay one step ahead.

To quote Martin: “Continuous learning is at the heart of my job… learning agility is at the heart of being a digital native and a successful businessperson in the 21st century.”

That email tricked me too

Martin and his team didn’t just shift from classroom training to personalised micro-learning – they had to ensure it worked and that the impact would last.

To test effectiveness, Freudenberg launched a phishing campaign. The goal? Train users to spot threats in real time. Over 18 months, they reduced their initial click rate – the percentage of users who clicked on a simulated phishing link – from over 20% to just 3.5%.

Martin’s team and SoSafe achieved these results through a clear strategy and close collaboration, working side by side from onboarding to phishing simulation rollout – and beyond.

As Martin recalled, “The CSM who helped us really to onboard and roll out the programme very quickly, just in a matter of few weeks, which would not be possible without advice.”

There were plenty of takeaways from this collaboration.

The phishing templates had to reflect real-world trends to remain effective. So when Freudenberg’s teams brought their click rate down to 3.5%, they didn’t stop there. Instead of chasing zero clicks, they raised the difficulty level with more convincing, easy-to-fall-for templates.

“We’re going to get worse in this score,” Martin said, “but we’re going to get better as a company.”

They also leaned into positive reinforcement. With SoSafe’s Phishing Report Button, users weren’t just expected to delete suspicious emails – they were encouraged to report them. The plugin confirmed when users made the right call and followed up with tips and explanations.

As Martin noted, “It also, by the way, reduced the level of tickets we got from the phishing simulation because that’s all covered here, and we got more real phishing reporting.”

Martin’s team made smart use of SoSafe’s analytics dashboard. With detailed insights on registrations, clicks, completion rates, and user-specific metrics, they were able to actively track engagement and identify where additional support or reinforcement was needed – ultimately improving the effectiveness of both eLearning and phishing simulations.

With privacy by design as a core principle, they brought the Works Council (representing employees at company level) on board early. All simulation data was anonymised, and SoSafe’s GDPR compliance helped assure employees that their information was protected.

To keep learning consistent without overwhelming users, the team aligned on one challenge per month. This was enough to maintain momentum and ensure a secure culture remained top of mind.

One of the most creative things Freudenberg did? They gamified the process. The goal wasn’t just to build resilience – it was also to keep people curious, motivated, and engaged. How? By tapping into a healthy, competitive spirit. Each quarter, they shared updates and celebrated the winners of phishing challenges across the company. Cybersecurity became a team sport – and part of everyday shop-floor conversations.

Best of all? This became something people were eager to improve at.

SoSafe’s Personalised Phishing Simulations build real-world awareness through realistic, role-based scenarios. Each simulation adapts to human behaviour, making every test relevant. Employees learn to spot threats where they actually happen.

Freudenberg’s Swiss cheese firewall

Martin and his team worked through cultural differences across regions, offering tailored advice to employees around the world.

To explain the role of humans in security, Martin uses a relatable metaphor: Swiss cheese.

Just like Swiss cheese has holes, so do the layers of any technical defence. But when you stack those layers – and add the human firewall – those gaps stop aligning. Together, they form a solid line of defence.

Martin appreciated SoSafe’s approach – not just from a technical standpoint, but as something deeply human.

As he put it: “I think you were also one of the first companies to identify this topic, not just from a technical angle but also from a psychological angle, which I think is key here – because we’re talking about human behaviour, we’re not talking about setting up another infrastructure system.”

What also stood out to Martin was the level of service: “It’s a big step, coming from a toolbox approach to a fully serviced approach. And for me as a customer, that was key. I think it should be the case for many others too.”

Freudenberg’s story shows that when you meet people where they are, make learning practical, and back it with data and support, behaviour really does change. And that’s where real security begins.

With SoSafe, you can always ensure cybersecurity awareness is more than a once-a-year exercise. It becomes part of how your teams work, think, and respond – every day.

Scale your security
culture with ease

See how SoSafe supports CISOs, administrators, and end-users in building continuous resilience.

Request a demo