Back to catalog / Learning Track
Learning Track

Cybersecurity Basics: Passwords, Phishing, and Everyday Scams

A practical beginner course on safer passwords, phishing detection, MFA, and the scam patterns that catch ordinary people off guard.

4
Lessons
3
Assessments
0%
Your progress
What You Will Practice
Move email, banking, and admin accounts into a password manager first.
Use a unique master passphrase that has never been used anywhere else.
Turn on MFA for the vault before you migrate everything else.
Do not use the link in a high-risk message for login or payment.
Check the sender domain, not just the display name.
Verify unusual requests in a separate trusted channel.
Cybersecurity Basics training diagram
Sign in to track progress
Track Signals
Read this as the operating posture for the whole sequence.
Swipe on mobile
Track logic

Sequential lessons and checkpoints force real judgement instead of passive scrolling.

Completion path

0 done, 4 still in play before the track completes.

Completion proof

Ether Vessel Learning issues the completion record once the full track is finished.

Lesson Rail
Jump directly to the next section instead of scrolling through the full track.
4 lessons
Course Map

How the track is structured

4 lessons in sequence
How this course runs
3-stage loop
1. Read
Work through the lesson framing, scenario, and examples instead of skimming one text slab.
2. Decide
Pass the checkpoint when a lesson actually needs a progression gate.
3. Prove
Finish the track to keep a clean transcript and unlock a certificate when available.
Course outline
Lesson inventory
  1. checkpoint
    Why reused passwords fail, what a password manager solves, and how to choose one sane first step.
  2. How urgency, fake logins, and brand imitation are used to push people into handing over credentials.
  3. content only
    Why passwords alone are not enough, and how to protect the accounts that reset every other account.
  4. checkpoint
    The recurring patterns behind invoice scams, fake support, delivery fraud, and impersonation attempts.
Lesson 1

Passwords and Password Managers

Assessment required
Lesson Framing

Why reused passwords fail, what a password manager solves, and how to choose one sane first step.

Reading flow Scenario Practice Visual aids Checkpoint finish
Lesson Flight Path
Work this lesson as stages instead of one continuous document.
4 stages
1
Orient
Frame the lesson, key idea, and scenario before you start detail work.
2
Absorb
Work through the reading deck and supporting visual aids as separate idea blocks.
3
Rehearse
Use walkthroughs, decisions, examples, terms, and checklists to practice judgement.
4
Prove
Finish the checkpoint gate to clear the lesson and unlock the next stage.
Navigate This Lesson
Jump between the live blocks instead of working top to bottom as one page.
1 of 11 visible
Current lane
Framing
Story lane trims the lesson down to context and visuals. Practice lane keeps only drills, examples, and recall. Proof lane isolates the progression gate.
Vault First training diagram
Key Idea
What attackers actually do
Credential stuffing is industrialised reuse of leaked passwords. The weakest old account becomes the key to your current email, shopping, and work tools.
Core Reading Deck
Move card by card instead of parsing one long slab. Each panel is a distinct idea in the lesson narrative.
7 reading cards
Reading flow
1
Most account takeovers are not cinematic hacks.
2
If the same password protects your email, shopping account, and a forgotten forum acco...
3
The fix is not "try harder to remember strong passwords." The fix is to stop relying o...
4
Use a password manager to generate a different long random password for every site.
5
Start with the accounts that cause the most damage if lost: - your email - your passwo...
6
If you are still saving passwords only in the browser, that is better than password re...
7
Do this today: 1.
How to use this section
Read one card at a time and stop after each shift in idea.
Use the scenario and decision cards after the reading, not before.
Treat the checklist as the operational extraction from the deck.
Card 1
Most account takeovers are not cinematic hacks. They are automated re-use of passwords leaked from some other website you barely remember joining.
Card 2
If the same password protects your email, shopping account, and a forgotten forum account from years ago, the weakest site becomes the door into everything else. Attackers buy or scrape leaked credential lists, then test them everywhere.
Card 3
The fix is not "try harder to remember strong passwords." The fix is to stop relying on memory at all.
Card 4
Use a password manager to generate a different long random password for every site. Your job becomes remembering one strong master passphrase and protecting that vault with MFA.
Card 5
Start with the accounts that cause the most damage if lost: - your email - your password manager - banking and payments - business admin accounts
Card 6
If you are still saving passwords only in the browser, that is better than password reuse, but it is still convenience-first. A dedicated password manager gives you better cross-device access, safer sharing, and stronger vault protection.
Card 7
Do this today: 1. Pick a password manager. 2. Create a long master passphrase you have never used anywhere else. 3. Change the password on your email account to something unique and random. 4. Turn on MFA for the vault itself.
Scenario
Starter scenario
Situation card
What is happening
A reused password from an old forum breach is tested against your email account. If it works, every reset link in your life becomes exposed within minutes.
How to use it
Pause before the walkthrough and make your own call about the situation.
Use the decision and checklist sections to test whether your instinct holds up.
Walkthrough
Follow the sequence like a guided runbook.
3 steps
1
Choose the first accounts to migrate
Start with email, password manager, banking, shopping, and admin logins because those accounts either move money or reset everything else.
2
Create one strong master passphrase
Use a passphrase that is unique to the vault. Do not recycle a password from any previous service or old personal pattern.
3
Replace reused passwords systematically
As each service is visited, generate a new random password and save it immediately so no reused credential remains in circulation.
Decision Flip Cards
Front side gives the choice cue. Flip for the reasoning and consequence.
Tap card to flip
Field Notes
These are meant to punctuate the lesson, not disappear into it.
Root risk
Email comes first
If email falls, reset links turn one weak password into a full identity takeover.
Control
Vault-first migration
Move the highest-impact accounts into the password manager before low-risk logins.
Anti-pattern
Small variations are still reuse
Season2026!, Season2026@, and Season2026Work are still a family attackers can guess.
Attack Path
Read this like a gallery strip of how the event unfolds.
Swipe or scan left to right
01
Old breach happens
A low-value forum or shopping site leaks a password you reused elsewhere.
02
Credential stuffing starts
Attackers test the same email and password against your current accounts.
03
Email is taken
Once the inbox opens, reset links become a takeover path for other services.
04
Vault breaks the chain
Unique passwords per site prevent one leak from unlocking everything else.
Decision Matrix
Topic
Password strategy
Weak move
Reuse one memorable password with small variations.
Stronger move
Generate a different random password for every service.
Topic
Priority order
Weak move
Migrate low-risk sites first because they are easier.
Stronger move
Start with email, password manager, banking, and admin accounts.
Worked Samples
Treat each sample like a specimen card. Open only the one you are reviewing.
1 sample
Credential reset lure
Email
Subject: Password Expiry Notice Your corporate password expires today. Review your account status and confirm access immediately: portal-security-check.example-reset.net Failure to comply may result in mailbox suspension.
What to notice
Pressure to act today
Link is not the normal sign-in route
Threat of suspension used as leverage
Examples Gallery
Front shows the situation. Flip for the explanation.
Tap card to flip
Key Terms
Use these as flashcards rather than reading them as a glossary dump.
Tap card to reveal definition
Use pattern
Front is the trigger word. Flip only after you try to explain it from memory, otherwise the glossary becomes passive reading again.
Practice Checklist
Use this as the action list to internalize the lesson, not a footer afterthought.
3 checks
1. Scan
Read the actions once to get the full operator sequence.
2. Rehearse
Match each action back to the walkthrough or scenario that justified it.
3. Apply
Use the checklist as the compressed version you would actually carry into work.
1
Move email, banking, and admin accounts into a password manager first.
2
Use a unique master passphrase that has never been used anywhere else.
3
Turn on MFA for the vault before you migrate everything else.
Lesson 2

Spotting Phishing Before You Click

Locked Assessment required

Complete the previous lesson to unlock this section.

Lesson 3

MFA and Account Recovery

Locked

Complete the previous lesson to unlock this section.

Lesson 4

Recognising Common Scam Patterns

Locked Assessment required

Complete the previous lesson to unlock this section.