Knowledge base for security awareness, phishing and NIS2
The 2LRN4 knowledge base is built for topical authority. It includes 149 in-depth articles on phishing, employee behavior, NIS2, security awareness strategy and incidents or data breaches.
Phishing
Email security and social engineering: what employees need to know
Practical guidance on email security and social engineering for organizations that want to improve secure behavior structurally.
External sender warning in Exchange: how effective is the banner?
An external-sender banner interrupts autopilot, but its effect fades through habituation and a false sense of safety. How to weigh and design it, and what employees really need to know.
How do phishing simulations work in training?
Practical guidance on how phishing simulations work for organizations that want to improve secure behavior structurally.
How to spot CEO fraud and prevent it
Practical guidance on how to spot CEO fraud for organizations that want to improve secure behavior structurally.
Phishing and account abuse in education
Practical guidance on phishing education for organizations that want to improve secure behavior structurally.
Phishing follow-up in the public sector
Practical guidance on phishing follow-up public sector for organizations that want to improve secure behavior structurally.
Phishing KPIs that actually matter
Practical guidance on phishing KPIs for organizations that want to improve secure behavior structurally.
Phishing red flags employees should know
Practical guidance on phishing red flags for organizations that want to improve secure behavior structurally.
Phishing risks in healthcare: what you should and should not measure
Practical guidance on phishing risks healthcare for organizations that want to improve secure behavior structurally.
QR phishing and physical social engineering
Practical guidance on qr phishing for organizations that want to improve secure behavior structurally.
Safe Links in Exchange (Safe URLs): why URL rewriting is false security
Safe Links (Safe URLs) in Exchange rewrites links for time-of-click scanning, but it hides the real destination and breeds false security. Read the dilemmas and what you, as an administrator, should do instead.
Safe payment verification procedures
Practical guidance on payment verification procedures for organizations that want to improve secure behavior structurally.
Smishing and vishing risks are growing
Practical guidance on smishing and vishing for organizations that want to improve secure behavior structurally.
Spear phishing examples from real organizations
Practical guidance on spear phishing examples for organizations that want to improve secure behavior structurally.
Vendor fraud by email explained
Practical guidance on vendor fraud for organizations that want to improve secure behavior structurally.
What is phishing?
Practical guidance on what is phishing for organizations that want to improve secure behavior structurally.
When phishing simulations backfire
A phishing simulation that humiliates does not train alertness but distrust of the employer. Why simulations should teach, not catch, and why the report rate beats the click rate.
Why a leadership video after phishing creates more impact
Practical guidance on leadership video phishing simulation for organizations that want to improve secure behavior structurally.
Why phishing simulations work
Practical guidance on why phishing simulations work for organizations that want to improve secure behavior structurally.