Improving Phishing Resilience with AI-Generated Training: Evidence on Prompting, Personalization, and Duration

📅 2025-12-01
🤖 AI Summary
Traditional phishing defense training is labor-intensive and difficult to scale. Method: This study proposes an LLM-based automated training content generation framework, employing a lightweight user-feature embedding prompting strategy—bypassing complex personalization modeling—to efficiently produce customized training materials. A controlled experiment (N=480) rigorously evaluates efficacy. Results: AI-generated training significantly improves users’ phishing detection accuracy; extending training duration yields only marginal gains in performance; and simple prompts achieve near-optimal outcomes, demonstrating that fine-grained user profiling is unnecessary for effective LLM-driven security education. The approach is empirically validated to be effective, highly scalable, and deployment-friendly—establishing a novel paradigm for AI-augmented cybersecurity education.

📝 Abstract
Phishing remains a persistent cybersecurity threat; however, developing scalable and effective user training is labor-intensive and challenging to maintain. Generative Artificial Intelligence offers an interesting opportunity, but empirical evidence on its instructional efficacy remains scarce. This paper provides an experimental validation of Large Language Models (LLMs) as autonomous engines for generating phishing resilience training. Across two controlled studies (N=480), we demonstrate that AI-generated content yields significant pre-post learning gains regardless of the specific prompting strategy employed. Study 1 (N=80) compares four prompting techniques, finding that even a straightforward "direct-profile" strategy--simply embedding user traits into the prompt--produces effective training material. Study 2 (N=400) investigates the scalability of this approach by testing personalization and training duration. Results show that complex psychometric personalization offers no measurable advantage over well-designed generic content, while longer training duration provides a modest boost in accuracy. These findings suggest that organizations can leverage LLMs to generate high-quality, effective training at scale without the need for complex user profiling, relying instead on the inherent capabilities of the model.
Problem

Research questions and friction points this paper is trying to address.

AI-generated phishing training effectiveness validation
Comparing prompting strategies for personalized content creation
Evaluating personalization and duration impact on learning gains
Innovation

Methods, ideas, or system contributions that make the work stand out.

AI-generated phishing training using LLMs
Simple prompting with user traits effective
Generic content scalable without complex personalization
Francesco Greco
Department of Computer Science, University of Bari Aldo Moro, Via E. Orabona 4, 70125, Italy
Giuseppe Desolda
University of Bari Aldo Moro
Novel Interaction Techniques, Internet of Things, Usable Security
Cesare Tucci
Department of Computer Science, University of Bari Aldo Moro, Via E. Orabona 4, 70125, Italy
Andrea Esposito
Department of Computer Science, University of Bari Aldo Moro, Via E. Orabona 4, 70125, Italy
Antonio Curci
Department of Computer Science, University of Bari Aldo Moro, Via E. Orabona 4, 70125, Italy
Antonio Piccinno
University of Bari "Aldo Moro" - Italy
End-User Development, Human-Computer Interaction, Visual Interactive Systems, Theory of Visual Languages, WWW Interfaces