SUCCESS STORY
M&S Logistics strengthens cyber awareness with Boxphish
Overview
M&S Logistics, a leading UK supply chain and supplier of SO Tanks internationally, partnered with Boxphish to strengthen cyber awareness across all its staff globally. M&S Logistics has a heavy reliance on digital systems for its logistics planning, inventory, and client communications.
Boxphish provided a tailored programme designed to protect operational data, maintain delivery continuity, and ensure staff could confidently identify and respond to threats.
"From our initial conversations to signing up and ongoing use and support I've been very happy and indeed impressed with Boxphish and staff. They're always very helpful and friendly, and a pleasure to talk with."
Pip Robbins, IT Manager | M&S Logistics
Challenges
M&S Logistics operates in a high-risk environment where cyber attacks can disrupt the movement of goods, delay deliveries, and damage client trust. Key challenges included:
Increasing number of spam and scam emails being detected by automated email protections.
Protecting corporate, operational and shipment data critical to client supply chains.
Lack of knowledge and training across a worldwide workforce and the need for transferable training for staff across multiple depots, delivery routes, and offices.
Mitigating the risk of phishing and social engineering targeting staff who frequently communicate digitally with suppliers, clients, and transport partners.
Scaling training to match business growth and a mobile workforces, as well as combating evolving security threats as they develop and become more strategic.
Solution
The programme rolled out smoothly across all depots and offices. Staff complete interactive modules and participate in simulated phishing campaigns that reflected real-world logistics threats. Automated onboarding ensures every new employee joined the training programme immediately.
Short, practical training modules on phishing, ransomware, and mobile device security for staff on the move.
Realistic phishing simulations tailored to logistics scenarios, such as fake shipment notifications, supplier invoice scams, and fraudulent delivery instructions.
Engaging videos, quizzes and exercises reinforcing good cyber security habits in daily operations.
Automated course assignments for new starters, ensuring all drivers, warehouse staff, and office personnel receive timely training.
Impact
Boxphish training delivered clear benefits for M&S Logistics, including:
01.
A course completion rate exceeding 90% across the company.
02.
Phishing simulation engagement revealed stronger staff vigilance across all teams.
03.
Reduced operational cyber risk, safeguarding client shipment and operational data.
04.
Embedded a culture of cyber awareness, with staff confident in spotting and reporting threats, proven with staff taking cyber lessons learnt in the workplace into their personal lives.
05.
Strengthened client trust by demonstrating proactive protection of supply chain information.
Standout features
Short, interactive courses tailored for mobile and desk-based teams.
Measurable reduction in susceptibility to cyber threats.
Automated onboarding for consistent coverage across depots and delivery teams.
Minimal administrative effort for IT teams, ensuring operations remain uninterrupted.
Realistic phishing simulations reflecting logistics workflows.
Future outlook
M&S Logistics will continue using Boxphish to keep cyber awareness high across all operational teams. By embedding a proactive security culture, the company ensures delivery continuity, protects client data, and maintains its reputation for reliable, secure supply chain services. Boxphish also helps to protect M&S Logistics against developing threats that become more commonly used across the cyber space.
Would M&S Logistics recommend Boxphish?
“We’re huge fans of Boxphish, and again not only because of the brilliant product but because of the staff. Boxphish is highly recommended by us."
Pip Robbins, IT Manager | M&S Logistics
KEEP UP TO DATE
See more case studies
Apr 9, 2026
Local Authority data breaches report: Q3 2025 (Nov 25 - Jan 26)
Apr 9, 2026
Retail data breaches report: Q3 2025 (Nov 25 - Jan 26)
Apr 9, 2026
Education data breaches report: Q3 2025 (Nov 25 - Jan 26)