Foundations
Foundations is a 5-lesson starting track for anyone new to security awareness. It covers how attackers think, the five attack categories you actually need to recognise, the basics of phishing recognition, password and MFA hygiene, and what to do when something goes wrong. The track takes about 30 minutes in total. The end-of-track assessment combines questions from every lesson.
Recommended order
Lessons go from beginner to advanced. Read straight through, or jump to what matters most for your role.
- Lesson 1 (Beginner)
How Attackers Think — The Mindset Behind Every Modern Cyber Attack
Most attackers are not in your office targeting you personally. They are running a business: cheap reconnaissance, automated targeting, and a profit motive. Understanding the four steps they follow — recon, lure, exploit, monetise — is the foundation every awareness lesson builds on.
6 min read
- Lesson 2 (Beginner)
The Five Attack Categories — A Map of What You'll Actually Face
Almost every cyber attack you'll see in real life falls into one of five categories: phishing and social engineering, credential and authentication abuse, malware and ransomware, network and application exploitation, and supply-chain compromise. Knowing which one you're looking at tells you which defensive playbook to reach for.
7 min read
- Lesson 3 (Beginner)
Spotting Phishing — The Four Red Flags You Can Always Trust
Phishing comes in many forms — email, SMS, voice, QR, chat, video — but almost every variant has the same four red flags: a request for action, urgency or pressure, a channel mismatch, and a credibility prop that doesn't quite hold up. Learn these four and you'll spot 90% of attempts without needing to be a security expert.
6 min read
- Lesson 4 (Beginner)
Passwords & MFA Basics — Why Most MFA Isn't Phishing-Resistant
Passwords get stolen daily; reusing them across accounts is the biggest single risk for individuals and small organisations. Adding MFA helps — but not all MFA is equal. SMS, TOTP, and push-based MFA can all be bypassed in 2026. FIDO2 / passkeys, properly deployed, cannot. This lesson covers what to use, what to avoid, and the four attack patterns each control stops or doesn't.
7 min read
- Lesson 5 (Beginner)
Reporting & Incident Hygiene — The First 30 Minutes Matter Most
When you suspect a security incident, what you do in the first 30 minutes determines how much damage gets contained. This lesson teaches the four moves to make immediately, the four moves to NOT make, who to call, what evidence to preserve, and how NIS2 and GDPR reporting clocks work for non-technical staff.
6 min read
This module is HackersHub-endorsed exactly as you see it here, watermark and all. Free under CC-BY-ND 4.0. Edit the content? Remove our watermark first. — The HackersHub team