Phishing is when scammers attempt to deceive you into believing they are someone you trust, tricking you into sharing sensitive information or performing actions that benefit the attacker.
Be cautious of urgency. Don’t let emotions cloud your judgment.
Verify before you act. Call and confirm requests from known contacts.
Check email addresses and URLs. Look for spelling mistakes or discrepancies.
Enable Multi-Factor Authentication (MFA). It adds an extra layer of security.
Assess message style. If something seems off, question it.
Never click on suspicious links. Hover over them first to verify authenticity.

Avoid password reuse. Each account should have a unique password.
Use password managers like KeePass. They generate and store secure passwords.
Create long, complex passwords. Use a mix of upper/lowercase letters, numbers, and symbols.
Enable Two-Factor Authentication (2FA). Whenever possible, use 2FA to secure accounts.
Never store passwords in text files or spreadsheets.
Avoid sharing your passwords, even with colleagues.
Regularly update your passwords, especially after potential breaches.

Avoid free or public WiFi for sensitive tasks. Cybercriminals can intercept your data.
Use a VPN. This encrypts your internet traffic and protects your privacy (avoid free VPNs, as some may be malicious).
Verify the WiFi network name. Ask the barista, receptionist, or official source.
Prefer mobile data over public WiFi for transactions or confidential work.

Enable your firewall. This acts as a barrier between your device and malicious threats.
Keep your system updated. Install security patches and updates regularly.
Use trusted antivirus software. Regularly scan your system for potential threats.

Ransomware is malware that locks your computer or data, demanding payment to regain access.
Do not use company credentials for personal accounts.
Do not download files from unknown websites.
Back up important data regularly. Use offline or cloud backups.
Be cautious with email attachments. Avoid opening attachments from unknown sources.

Avoid plugging unknown USB devices into your computer.
Encrypt USB storage devices in case of loss or theft.
Be cautious with public charging stations. They may contain malware.

Wire fraud occurs when attackers trick you into wiring money to fraudulent accounts.
Verify banking details before transferring funds. Call a known contact from a previously verified number.
Be suspicious of sudden banking changes. Always confirm directly with the vendor.
Double-check email requests for fund transfers. Phishing attacks often target financial transactions.

Report any suspicious activity immediately. Notify IT/security teams.
Change your passwords if you suspect compromise.
Disconnect from the internet if necessary. This can prevent further data loss.
Refer to the security team’s guidelines for further action.

Security is everyone’s responsibility. Stay vigilant, follow these best practices, and report any concerns immediately. By implementing these guidelines, we can create a more secure working environment for all.