Impact of security awareness training on phishing click-through rates