Attackers adapt their attacks to be more effective based on exploiting technical and human vulnerabilities. Social engineering attacks take advantage of human vulnerabilities considering that psychological factors could extend these vulnerabilities due to anxiety, stress, or high credibility. The development of technological solutions must be accompanied by training for people. However, training should not focus only on showing the technical details. In addition, it should consider strengthening the cognitive processes used in decision-making processes. This work aims to propose a methodology and architecture to develop a phishing training Web platform based on cognitive processes.