Computer-executed methods for training users to discern electronic phishing messages to reduce risk of threats to the integrity of computing systems and/or computing resources. In some embodiments, the methods involve gamifying the training to motivate users to participate in the training. In some embodiments, gamification includes instructing electronic-messaging-system users to forward suspected phishing messages for analysis. The analysis may include automatically determining one or more of a variety of factors for each forwarded suspected phishing message, such as whether or not the suspected phishing message is an actual phishing message, whether or not the reporting is an original reporting, and how quickly the user made the report. In some embodiments, points are awarded based on the analyzed factors. In some embodiments, the methods involve building phishing knowledgebases for automatic electronic-message filtering. Software for performing disclosed methods or one or more portions thereof.