Is Education Your Best Weapon Against Cybercrime?

When Was the Last Time You Clicked a Phishing Link?

Come now, be honest.

Okay, I’ll go first. Mine was more recently than I’d like to admit. The email was quite convincing, and I was expecting a message from that person, so my mouse-clicking finger moved just a bit faster than my brain. It was a sale that I really wanted to make, a project I really wanted to work on. So I excitedly clicked on a link to view the proposal.

Were they going to go ahead with it?

Was I going to win big that day?

But as my web browser began to load, the gears finished turning in my head. The math came up short. It was wrong. I wasn’t sure why in that moment, but it felt bad. So before the page could finish loading, I closed the browser and immediately called our head of IT. He ran a scan and I waited with bated breath.

No compromises. I closed the browser in time.

I got lucky.

A lot of folks don’t get lucky, though. A lot of folks click those links, enter login credentials, give everything away to scammers.

This happens. All. The. Time.

Honestly, with our cybersecurity tools and 24/7 cybersecurity monitoring, I probably would have been fine anyway. Even so, I took this as a teachable moment.

When the dust settled and I had time to think things through, I realized why it felt so wrong. If this person had really been sending out a request for quote, they would have done so through a bidding platform, not a random link in an email. When I called this person, the first thing they said to me was, “Did you get an email? Yeah, that wasn’t me.” Sure enough, they had been compromised.

And that brings me to the root of the problem.

Hackers Use Our Humanity Against Us

No, I’m not advocating for replacing human employees with AI or robots. I’ve seen The Terminator, I know where that leads. And if you’ve heard anything about malicious “prompt injection” attacks targeting AI agents, ^[1] or the poor soul whose hard drive was wiped without permission, ^[2] you’ll know exactly why I think replacing humans with AI is a monumentally bad idea.

But the fact remains that the majority of data breaches, as much as 95% in 2024, ^[3] are caused by human error.

That can come in many forms, from insider threats to credential misuse, or, of course, simple phishing. In many cases, it’s people just not knowing any better.

I remember my parents clicking bad links in the early 2000s, so phishing is nothing new. But scammers still do it because it still works, shockingly well. From grandma giving away her bank login to whole countries being shut down, like Estonia in 2007, ^[4] phishing is an effective staple in the hacker arsenal for gaining access.

So, What Can You Do About It?

Easy. Educate yourself and your team.

You know that old Sun Tzu “know your enemy” stuff? Same principle, really. You can’t protect yourself from threats if you know nothing about them. Knowledge is power, and it just might save your business.

And no, I don’t mean by falling down the YouTube documentary rabbit hole and binge-watching hours of content on the history of cybersecurity and cyber warfare, like me. I’m just a nerd and I find this all fascinating.

I mean with an eTraining platform, like the one we provide for our clients.

Introducing Reality Bytes Learning Management

It’s a robust library of short, educational videos that we built for our clients, curated and updated by Microsoft experts to empower your staff.

The platform covers a wide range of topics, including the ins and outs of Microsoft 365, cybersecurity training, health and wellness, even psychology for sales and customer service, ensuring your team is well-equipped with the knowledge they need. Videos are kept short and sweet with a quiz at the end, so they’re easy to digest and fit in between other tasks. Great for retention!

You can assign learning paths for your staff to take, and track their progress as they go through their lessons and complete modules. You can even assign all your company policies to read and sign, and make sure they’re reviewed every year.

It’s an incredibly powerful tool, and one that every business should be using. Period.

And every client on our MSP Standard package and above have it included in their contract.

But Laura, that Must Be So Expensive!

No, not at all.

Our goal is to make learning and education accessible, because the best first line of defence is a good security posture. This is to your benefit, naturally, but it’s also good for us.

Think about it: the less risk you’re in, the less you’re compromised, the easier things are for our poor techs. I’m lucky, I get to write blogs, design pretty brochures, shoot and edit videos… I have the best freaking job. Other folks here have to spend their days dealing with the aftermath of people like me clicking phishing links.

Your success is our success, as we like to say. And we mean that.

Where Can I Find this Gold Mine?

If you’re a client of ours, you can find it by clicking the little arrow on your taskbar to show the hidden icons in your system tray. Then look for the little green alien chat bubble (that I designed) and click that.

When the Reality Bytes IT Management Tools window opens, click the three dots in the top right to open the menu, and then click RBI eTraining Portal. Easy peasy.

Sign in with your work Microsoft 365 account (should do this automatically with single sign-on) and you’re off to the races!

I’ll probably end up making a video or some sort of brochure that goes into more detail on the platform itself, but for now, I’m going to end things here, to keep this blog from going on too long.

Learning Should Be Lifelong

I love to learn, and if I ever found myself in a place where I couldn’t learn anything new, that would be my absolute nightmare. Education is our best weapon against cybercrime (and many other things), and I hope you’re like-minded!

If you’re a client on the MSP Standard plan and you didn’t know about this great tool of ours, I hope this was eye-opening for you! And I hope you get a lot of good use out of it.

If you’re not a client but think this platform might be a good fit for your business, come talk to us. We would absolutely love to walk you through it and tailor a solution to fit your needs with a free cybersecurity consult.

Cybercriminals think you’re an easy target. Let’s change that.

Additional Reading and Sources

1. What Is a Prompt Injection Attack? | IBM
2. Google's Agentic AI wipes user's entire HDD without permission in catastrophic failure — cache wipe turns into mass deletion event as agent apologizes: “I am absolutely devastated to hear this. I cannot express how sorry I am" | Tom's Hardware
3. 95% of Data Breaches Tied to Human Error in 2024 - Infosecurity Magazine
4. How Hackers Paralyzed an Entire Country