Threats library — 12 topics, one format.
Each article follows the same nine-section format: What is X? • At a glance • How to spot it? • How to protect yourself • Real examples • What to do if it happens? • FAQ • Further topics • Training.
Recognise & stop phishing — the complete guide
94% of all successful cyber attacks start with a phishing email. Here is how to unmask them in three seconds — and what to do when someone has already clicked.
Smishing & vishing — phishing via SMS and phone
SMS phishing and phone phishing combine technical tricks with human manipulation. We show how to spot both variants — and why calling back is dangerous.
Quishing — when the QR code lies
QR codes bypass classic email filters and link previews. Quishing attacks exploit this deliberately — in letters, stickers on parking meters, fake menus.
CEO fraud & business email compromise (BEC)
BEC attacks often cause more damage than ransomware — and they target accounting, executive assistants, and M&A teams. We show how attackers exploit hierarchy and which process controls actually help.
Ransomware — when the whole company grinds to a halt
Ransomware attacks paralyse organisations for days and cost an average of six figures — even without paying the ransom. We show which entry points are most common and why backups alone are not enough.
Social engineering — manipulation as method
Social engineering is the foundation of nearly every other threat in this library. We explain the six classic levers (authority, scarcity, reciprocity, consistency, liking, consensus) and how they operate in the workplace.
Passwords & MFA — from risk to defence
More than three quarters of all data breaches involve compromised or weak credentials. We explain the 2026 state of the art — passkeys, FIDO2, MFA fatigue — and what employees need to do about it in practice.
Deepfakes & AI fraud — voice, video, style
AI-generated voices and videos are production-ready for everyday fraud in 2026. We show what is technically possible, how to recognise it despite that — and which processes genuinely protect against voice-to-voice attacks.
Insider threats — when the risk is already inside
Not every insider is malicious — most insider incidents are caused by negligence. We distinguish deliberate, negligent, and compromised insiders and show how cultural and technical measures work together.
Remote work & travel — when the office is everywhere
Home office, co-working spaces, airport lounges — every location brings its own risks. We provide concrete routines for travel, public Wi-Fi, meeting rooms, and home networks.
Mobile & BYOD — when the private phone carries company data
Smartphones are now work devices — but rarely managed like laptops. We show which risks arise from BYOD setups and where MDM, app containerisation, and training usefully work together.
Data leaks & shadow IT
Most data leaks in 2026 do not come from hacking, but from publicly configured cloud storage, forgotten SaaS trials, and ChatGPT inputs. We show how shadow IT is identified and channelled constructively.
All articles follow the same 9-section format: What is X? • At a glance • How to spot it? • How to protect yourself • Real examples • What to do if it happens? • FAQ • Further topics • Training CTA.
Ready to take awareness seriously?
30-minute demo. We'll show you a real phishing campaign, a quarterly report, and the NIS2 mapping — for your industry.