Cybersecurity Awareness Blog
5 March, 2026

People are increasingly the target of cyberattacks. Now what?

Around 6.2 million Odido accounts. Stolen by criminals who gained access through the accounts of customer service employees. First a phishing email to obtain a password, according to sources speaking to NOS, followed by a phone call in which they posed as the IT department. They convinced employees to approve a fraudulent login attempt, bypassing an additional security step.

No advanced malware. No technical vulnerability. Just an email and a phone call at exactly the right moment. That is what makes phishing and social engineering so dangerous: they do not target your systems. They target your people.

Behavior over technology

Firewalls, encryption and multi-factor authentication are all valuable security technologies. But they are only as strong as the employee who can be guided around them. Hackers increasingly succeed through human psychology rather than through a technical vulnerability. They know employees want to be helpful and exploit authority, time pressure and routine.

New technology strengthens this approach. Attackers use generative AI to write flawless phishing emails and create convincing deepfake voices. This increases the chance that help desks or employees trust a request.

An apparently legitimate request, an urgent tone and one wrong judgment is enough. Cybersecurity therefore largely comes down to human behavior. And it is precisely in that behavior where the greatest vulnerability lies.

Knowing is not the same as doing

Many organizations assume their employees “already know this.” One cybersecurity training a year, policies documented, done. But knowing is not the same as doing. And acting under pressure is very different from acting in a calm training environment.

The question is not whether your employees know what phishing or social engineering is. The question is whether they recognize it at the moment it truly matters. During a busy workday, with an urgent voice on the phone and a “colleague” waiting. If they are not fully alert for just a moment, the consequences can be severe. That policy with the annual training? It does not keep people alert all year.

Alertness fades

After a cybersecurity training, everyone is alert. Phishing emails are recognized. Suspicious phone calls too. But a few months later? Daily workload takes over, procedures become routine and new colleagues may not yet be up to date. Alertness fades quietly, without anyone noticing. And that is exactly where an attacker with a convincing story finds an opportunity. The risk of a successful phishing or social engineering attack increases significantly.

Cybersecurity awareness is not a fixed state. It is a condition that must be maintained. Without visibility and repetition, awareness declines and sharpness disappears.

Cybersecurity training Netpresenter

Train continuously and measure

Netpresenter Smart Campaigns turns cybersecurity awareness into a continuous process. Not a yearly session, but an ongoing campaign that keeps employees alert to current threats. Through PCs, mobile devices and TV screens, employees receive short, focused messages. About phishing, about social engineering, about what to do when they receive a suspicious request, and more.

Crucially, you do not just communicate. You also measure. Knowledge checks show whether the message has actually landed. You can see how knowledge levels develop, identify where additional attention is needed and adjust before a vulnerability is exploited. This can all be fully automated using AI agent technology.

Discover how Smart Campaigns works. Take a free Guided Tour today or request a demo by one of our experts.

Technology remains essential. But without continuous employee alertness, every organization remains vulnerable, as cyberattacks increasingly target people. Phishing and social engineering play a major role in this. The question is not whether your organization will ever be tested, but how well your employees are prepared when that moment comes. By making cybersecurity awareness training continuously visible and measurable, you build a culture in which alertness becomes the norm.

Sources: NOS (February 2025), Security.nl, BusinessWise

Photo
Joey Pernot

Joey is Netpresenter’s Content Manager. His passion is to inspire and educate through engaging and creative content. Joey loves to spend time with friends and travel the world.