News and Insights
Cybersecurity Awareness Month: The Day I Clicked the Wrong Link
October 10, 2025
Why the Stakes Have Never Been Higher
Key Takeaways
- Even the most careful people can fall for phishing—awareness must be ongoing.
- Small security habits like MFA, software updates, and password managers make a big difference.
- With AI-driven phishing on the rise, cybersecurity is everyone’s responsibility.
Every October my feed fills with “Cybersecurity Awareness Month” posts. For years I read them and thought, I am careful enough online. I wouldn’t fall for that. Famous last words…
Throughout my life and as a part of my job, I have often attended cybersecurity trainings, so I thought that I was careful and knowledgeable enough to not fall for a phishing attempt. I guess I was wrong!
A while back, I received what at first glance looked like a perfectly legitimate message. I had a very busy day packed with back-to-back calls and without much thought, I clicked the link. It turned out not to be an actual phishing attack but a simulated phishing test run internally by our Finn Partners security team. I got lucky that day, but that experience made me pause and rethink my online habits.
Since then, I have made concrete changes:
- I double-check sender addresses and URLs before clicking
- I click on the Phish Alert symbol in Microsoft Outlook if an email seems suspicious
- I update software immediately instead of hitting “remind me later”
- I have stopped reusing the same password (or variants) and adopted a password manager
- Multi-factor authentication (MFA) is on for everything!
The Real Cost: Why these “Small” Actions matter
The actions I took might seem obvious and small, but they make a big impact. Even one mistake (clicking a link, delaying an update, reusing a password) can have large consequences.
According to IBM’s 2025 Cost of a Data Breach Report, the global average cost of a data breach is now around US$4.44 million. The report found that the impact of a breach varies significantly depending on the industry. At US$7.42 million, the healthcare industry remains the most expensive for breaches.
Phishing remains one of the most common initial vectors. In the 4th quarter of 2024, over 989,000 unique phishing attacks were detected worldwide. Many phishing attacks begin with an email like the one I received.
The rise of AI has also led to an increase in such attacks. In fact, according to IBM’s 2025 Cost of a Data Breach Report, one in six organisations experienced data breaches involving AI-driven attacks, primarily through AI-generated phishing and deepfake scams. With these developments, it is crucial that we are even more vigilant and implement measures to ensure our data is protected.
What This Means for Us at Finn Partners
At Finn Partners, we work to help clients navigate complex issues, and cybersecurity is a critical one. Protecting data, respecting privacy and staying vigilant online are necessary to the success of any business. That is why awareness months like this are so important.
Small actions matter because they help create a culture where security is not just the responsibility of the IT department, but everyone’s responsibility. If something goes wrong, it affects all of us. Cybersecurity Awareness Month might just be one moment in the calendar, but it is a very useful one to remind us that staying secure is a daily practice.
My Challenge and Yours
As it is truly essential that we all work together to fight cybercrime, here is my challenge to you (and myself): pick at least one new security habit this month and make it stick. Whether it is changing old passwords, reporting suspicious emails to your IT department, turning on MFA across accounts, installing updates immediately, or pausing before clicking a link, commit to making it part of your regular routine.
By this time next October, maybe we will not need the reminder because security will be a habit, not just a “special month” priority.