New Social Engineering Cyber Training – Coming Soon
We will shortly be launching a new cyber awareness training module for all staff.
This module looks at how and why cyber criminals use Social Engineering to manipulate, influence, and deceive people into taking negative actions. This underpins many modern cyber attacks, and understanding how it works, helps you recognise the threats across email, phone, text message, and social media.
What is the training?
This module is made up of short, focused videos, along with a few brief quizzes to reinforce key messages and develop the skills needed to spot and respond to increasingly convincing attacks.
The entire training takes under 20 minutes to complete.
What does the training cover?
The module explores how social engineering is used in everyday attacks, including:
- Social Engineering – what is it, why it works, and how attackers exploit it
- Smishing (text scams) – what smishing looks like and why it can be very effective and attractive to attackers
- Vishing (voice scams) – the use of calls to impersonate organisations and colleagues, or to underpin phishing attacks
- The Dangers of Oversharing – how sharing information online can lead to being targeted in an attack
- Social Media as a Phishing Tool – how social media platforms can be used to collect your data and then use it
The focus is on recognising behavioural cues and manipulation tactics, rather than technical detail.
Why is this important?
Many people think of cyber attacks as a technical issue or hacking the network. In truth most successful attacks start with social engineering. Many professional cyber criminals don’t hack the device, they hack the people.
Attackers rely on:
- Urgency and pressure – to make a quick decision
- Authority and familiarity – to appear legitimate
- Distraction or conditioned response, especially on mobile devices
Social engineering targets normal human behaviour – anyone can get caught out in the right circumstances, regardless of role or experience. This training helps build awareness of these tactics and supports safer decision‑making, especially when messages appear routine, urgent, or believable.
Why does everyone need to complete it?
Social engineering attacks are not targeted at specific roles or departments they are sent to anyone with an inbox, a phone number, or a social media account.
Completing this training ensures everyone has a shared understanding of:
- how modern scams are constructed
- how attackers try to influence our behaviour
- how to pause, assess, and respond safely
Cyber security is a shared responsibility, and awareness remains one of the most effective ways to reduce risk across the organisation.
By completing this course, you are helping to keep our organisation and each other secure.
What Next
This week, you will receive an email from:
Moray Council Cyber Awareness no-reply@metacompliance.com
Which will contain the following link. You need to click on the link within the email to access the cyber awareness training.
