Continuous Security Education

This ongoing training series delivers short, engaging lessons on phishing tactics, cognitive biases, and cybersecurity best practices. Modules are sent weekly to keep employees alert, aware, and up to date with emerging threats.

Audience: All Employees
PCI-DSS HIPAA CJIS ISO CMMC

What You'll Learn

Reinforce security awareness through continuous micro-learning to help employees recognize evolving threats and apply secure behaviors daily.

Course Overview

Each module delivers a concise 60 second or less video followed by an interactive quiz. Topics span technical, physical, and psychological aspects of security awareness.

  • Delivered 1–2 times per week via email
  • Short text overview in email with link to a 1-minute video
  • Each video is followed by a multiple-choice question
  • Hosted on a unique landing page for each individual requiring no login
  • Designed to keep security top of mind throughout the year, rather than once a year

Sample Module Video

Get Free Phishing Assessment Today!

Modules:

Phishing Techniques & Tactics
  • Password Reuse – Explains the risks of reusing passwords across accounts and how one breach can compromise many.
  • Spear Phishing – Covers how attackers target individuals using personal information and how to spot red flags.
  • Chain Email Spoofing – Shows how attackers hijack email threads to blend in and gain trust.
  • BEC Attacks – Explains Business Email Compromise, how attackers impersonate executives, and how to verify requests.
  • Docusign Phishing – Demonstrates fake DocuSign emails and how to verify legitimacy before clicking.
  • CEO Scam – Explains how attackers impersonate CEOs to request sensitive actions like wire transfers.
  • Finance Phish – Highlights attacks that target finance teams with invoice or payment fraud.
  • HR Phish – Covers phishing emails pretending to be from HR requesting personal or payroll info.
  • IT Phish – Explains fake IT support emails asking users to reset passwords or install software.
  • Wrong Number SMS – Covers smishing scams that start with a wrong-number text and escalate into fraud.
  • Gift Card Scams – Explains scams where attackers pose as executives asking for gift card purchases.
  • Fake Lottery – Warns about scams promising winnings that lead to credential or identity theft.
  • Wire Fraud – Outlines common tactics in wire fraud scams and how to verify before transferring money.
  • Smishing & SMS – (Umbrella for Wrong Number SMS and other text-based attacks.)
Physical & Environmental Security
  • Tailgating – Highlights the physical security risk of unauthorized individuals following employees into secure areas.
  • Piggybacking – Similar to tailgating, but with active permission—how to recognize and prevent it.
  • Tailgating ISA – A compliance-focused variation on tailgating scenarios and remedies.
  • Printing Sensitive Information – Encourages proper handling and disposal of printed confidential data.
  • Mobile-Passcodes – Teaches the importance of strong mobile passcodes and device locking.
  • Traveling Abroad – Shares security tips for international travel, including device and data protection.
  • Insider Threat (Malicious) – Explores the risks posed by malicious insiders and how to recognize warning signs.
  • Insider Threat (Negligent) – Covers unintentional insider threats caused by negligence or lack of awareness.
  • If You See Something, Say Something – Encourages proactive reporting of suspicious activity to IT or security teams.
  • Where Is the Sensitive Data? – Helps employees identify and safeguard sensitive data in their daily workflows.
Technical Hygiene & Best Practices
  • Cloned Login Pages – Shows how attackers create realistic fake login pages to steal credentials.
  • Typosquatting – Teaches users to check URLs carefully to avoid lookalike domains.
  • HTTP vs HTTPS – Explains the difference and why HTTPS is crucial for secure browsing.
  • VPN – Highlights the importance of using a VPN on public Wi-Fi and securing remote access.
  • SIM Swapping – Covers how attackers take over phone numbers and how to safeguard accounts.
  • Ransomware Prevention – Explains what ransomware is and practical steps to prevent infection.
  • Malicious Attachments – Shows how seemingly harmless files can deliver malware and how to recognize them.
  • Updates – Promotes the importance of software updates in defending against vulnerabilities.
  • Mouse Overs – Teaches users how to hover over links to preview and verify before clicking.
  • Pretexting – Explains how attackers create convincing stories to trick users into giving up info.
  • Security Concerns – A general module covering best practices for identifying and reporting suspicious activity.
Cognitive Biases & Psychological Triggers
  • Reciprocity Bias – Explains how the instinct to return a favor can be exploited in phishing attacks.
  • Scarcity Bias – Shows how urgency and limited-time offers are used to trick users.
  • Urgency Bias – Demonstrates how attackers create a false sense of urgency to rush users into mistakes.
  • Bandwagon Effect – Explores how social proof and popularity can trick users into trusting fraudulent actions.
  • Confirmation Bias – Describes how attackers use expected information to build false credibility.
  • Consensus Bias – Shows how fake consensus or popularity can sway judgment in phishing attempts.
  • Self-Serving Bias – Reveals how overconfidence can blind users to real threats.
  • Signaling Bias – Explains how official-looking visuals can mislead users into trusting malicious messages.
  • Authority Bias – Shows how attackers impersonate authority figures to gain compliance.
  • Familiarity Bias – Demonstrates how attackers exploit known names and brands to build false trust.
  • Fear Bias – Illustrates how fear-based messaging can pressure users into clicking malicious links.
  • Ego Bias – Explains how personalized flattery in scams manipulates decision-making.