Learning Materials

Cyber threats you should know

A clear overview of common online threats and practical protection tips.

Recognize common patterns

Prevent and strengthen protection

Respond correctly

Quick warning signs

Unexpected login / password reset notifications
Urgent messages pushing you to click a link
Requests for verification codes or personal data
Suspicious attachments or “updates”

Threat categories

Understand how they work and what to do in practice.

Phishing and Social Engineering

Attackers impersonate trusted institutions (banks, schools, employers) to steal credentials or sensitive information.

Typical pattern

Urgency + link to a fake login page.

Malware and Spyware

Malicious software can steal data, record keystrokes, or take control of a device.

Common entry point

Pirated software, suspicious attachments, or fake updates.

Ransomware

Files are encrypted and a ransom is demanded for recovery. Regular backups are critical.

Best protection

Offline backups + regular updates + least privilege.

Account Takeover

Stolen credentials are reused, allowing attackers to gain full control of your account.

Warning sign

Unexpected password reset or new login notifications.

Unsafe Networks and Wi-Fi

Unsecured Wi-Fi networks can expose your traffic or redirect you to fraudulent pages.

Quick fix

Use WPA2/WPA3 and change default router credentials.

Online Manipulation and Scams

Scammers exploit emotions such as fear, urgency, romance, or authority.

Basic rule

Pause, verify the sender, and never share verification codes.

How Attacks Typically Unfold

Most incidents follow a similar sequence. Understanding it helps you interrupt the attack early.

Delivery

Phishing emails, compromised websites, or malicious attachments.

Execution

The victim clicks a link, opens a file, or enters credentials.

Persistence

The attacker establishes long-term access to the device or account.

Impact

Data loss, financial damage, extortion, or reputational harm.

View incident response steps

Baseline protection with the greatest impact

Focus on measures that stop most real-world attacks.

Updates

Enable automatic updates for your operating system and applications.

Passwords

Use a password manager and create unique passwords for every account.

Two-Factor Authentication (2FA)

Prefer authenticator apps over SMS messages.

Backups

Maintain at least one offline backup of important data.

Least Privilege

Use administrator accounts only when absolutely necessary.

Router Security

Change default login credentials and disable WPS.

Most successful attacks exploit weak security habits, not advanced hacking techniques.

WHAT TO DO IF SOMETHING HAPPENED?

A simple checklist for suspicious messages, compromised accounts, or suspected malware.

STEP 1

Stop and isolate

Disconnect from Wi-Fi / cable if you suspect malware. Do not continue clicking.

STEP 2

Secure your email first

Change email password, enable 2FA, review recovery email/phone and active sessions.

STEP 3

Change passwords on important accounts

Banking, social networks, school/work accounts. Use unique strong passwords.

STEP 4

Check device security

Run a full scan, remove suspicious extensions/apps, update OS and browser.

STEP 5

Monitor and report

Watch for transactions, messages sent from your accounts, and report to admin/support if needed.

Do a quick self-check

Quick self-check (2 minutes)

If you answer “No” too often, focus on the basics. Small changes significantly reduce risk.

I use different passwords for important accounts.

Passwords

2FA is enabled on email and social networks.

2FA

My system and browser update automatically.

Updates

I can restore files from a backup if needed.

Backups

I verify suspicious messages via another channel.

Verify

Tip: enable 2FA first on email — it protects access to most other accounts.

Mini learning scenarios

Short situations you can recognize instantly.

Scenario 1

You receive a “bank security alert” SMS with a link.

Do not open the link. Open the official banking app/website manually or call the bank using a number from their official site.

Scenario 2

A friend asks you for a verification code “just for a moment”.

Never share codes. Their account may be hijacked. Verify by calling the person and report suspicious behavior.

Scenario 3

Pop-up says your PC is infected and you must install “cleaner”.

Close the browser tab. Do not install anything from pop-ups. Run a scan using trusted security tools and update the system.