under construction
Security awareness Mindset or better security fundamentals is in the today’s business one of the most important things. The mechanism of social engineering and data phishing is very common.
There is someone give you a call or sent you an email with a request, information, a link or even a picture. That can leads to steal your credentials, identity or route you to suspicious Websites.
We all had that kind of situation and the chance to become a victim is higher than ever before. Imagine you have a busy day and after reading a lot of emails or have to get stuff done with a deadline you get a sms, WhatsApp or email with suspicious stuff. The chance that someone click the link or answer the sms is very high.
Viele dieser Spams sind sehr gut und sehen aus wie interne Systeme oder bekannte Websites. Es wird immer schwieriger, den Unterschied zu erkennen.
Viele große Unternehmen führen interne Tests mit gefälschtem Spam durch, um die Mitarbeiter auf die möglichen Folgen aufmerksam zu machen und auch um ihr Wissen zu testen.
Target Audience
Technical and non-technical employees across all departments.
Duration
- Compact version: 3–4 hours
- Standard version: 1 full day (recommended for better retention)
Learning Outcomes
- Identify spam and phishing attempts confidently
- Recognize and resist social engineering attacks
- Understand common cyberattack scenarios
- Assess risks related to AI and deepfakes
- Apply practical security behaviors in daily work
Module 1: Recognizing Spam & Phishing
Content
- What is spam vs. phishing
- How attackers disguise emails
- Dangerous links and attachments
Key Warning Signs
- Urgency (“Act now!”)
- Suspicious sender address
- Poor grammar or unusual tone
- Mismatched or shortened links
Practical Example
- 👉 “Your invoice is overdue – click here immediately”
- Leads to a fake login page
Exercise
- Participants analyze real vs. fake emails
Outcome
Employees avoid clicking malicious links and recognize phishing attempts
Module 2: Social Engineering
Content
- Understanding human manipulation tactics
- Common attack types:
- CEO fraud
- Fake IT support
- Phone scams
Practical Examples
- “This is IT support, I need your password”
- “The CEO needs an urgent transfer”
Attacker Techniques
- Authority pressure
- Urgency and stress
- Trust exploitation
Exercise
- Role-playing attack scenarios
Outcome
Employees protect sensitive information and verify requests
Module 3: Common Attack Scenarios
Content
- Typical attacks:
- Phishing → credential theft
- Ransomware → data encryption
- Malware → hidden infections
- Insider threats
Example Scenario
- Employee clicks phishing email
- Credentials are stolen
- Attacker accesses company systems
Impact
- Data loss
- Operational downtime
- Reputation damage
Outcome
Employees understand how their actions impact company security
Module 4: Security in the Age of AI
Content
- Deepfake videos and voice cloning
- AI-generated phishing emails
- Fake identities and profiles
Examples
- Fake CEO voice call requesting urgent action
- Perfectly written phishing emails without errors
Safe Use of AI
- Do not input sensitive data into AI tools
- Verify AI-generated content
- Check sources critically
Outcome
Employees identify AI-driven threats and act cautiously
Module 5: Security Mechanisms & Best Practices
Content
- Strong passwords (passphrases)
- Multi-factor authentication (MFA)
- Software updates and patching
- Secure device usage
- Clean desk & screen policy
Best Practice Example
- Weak: “Summer2026!” ❌
- Strong: “MyDogLovesRunningInThePark!” ✔
Quick Wins
- Lock your screen
- Avoid unknown USB devices
- Report suspicious activity immediately
Outcome
Employees actively contribute to organizational security
Final Assessment & Certification
- Quiz or phishing simulation
- Certificate of completion
- Optional refresher training every 6–12 months
Pricing
Option 1: Remote Training
- 3–4 hours
- Up to 20 participants
💰 €1,500
Option 2: On-Site Training
- Full day
- Up to 15 participants
💰 €2,200
Option 3: Scalable Program
- E-learning + live session
💰 €90 per participant