top of page

Tech Security Best Practices

Find here a list of Technology Security best practices such as:

  • Contact Information

  • Information About Phishing

Phishing

 

What is Phishing?

​

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.

The information is then used to access important accounts and can result in identity theft and financial loss.​

​

What does it look like?

​

  1. Too Good To Be True - Lucrative offers and eye-catching or attention-grabbing statements are designed to attract people’s attention immediately. For instance, many claim that you have won an iPhone, a lottery, or some other lavish prize. Just don't click on any suspicious emails. Remember that if it seems to good to be true, it probably is!

  2. Sense of Urgency - A favorite tactic amongst cybercriminals is to ask you to act fast because the super deals are only for a limited time. Some of them will even tell you that you have only a few minutes to respond. When you come across these kinds of emails, it's best to just ignore them. Sometimes, they will tell you that your account will be suspended unless you update your personal details immediately. Most reliable organizations give ample time before they terminate an account and they never ask patrons to update personal details over the Internet. When in doubt, visit the source directly rather than clicking a link in an email.

  3. Hyperlinks - A link may not be all it appears to be. Hovering over a link shows you the actual URL where you will be directed upon clicking on it. It could be completely different or it could be a popular website with a misspelling, for instance, www.bankofarnerica.com - the 'm' is actually an 'r' and an 'n', so look carefully.

  4. Attachments - If you see an attachment in an email you weren't expecting or that doesn't make sense, don't open it! They often contain payloads like ransomware or other viruses. The only file type that is always safe to click on is a .txt file.

  5. Unusual Sender - Whether it looks like it's from someone you don't know or someone you do know, if anything seems out of the ordinary, unexpected, out of character or just suspicious in general don't click on it!

Resources:

​

For more information, visit https://www.phishing.org/what-is-phishing and refer to your required HR courses on Technology Security

​

.

What do I do if I come across a phishing message?

​

Should you come across a phishing message:

  • DO NOT OPEN

  • Flag it/Report it to Microsoft

  • Report it to your email provider

 

If you have opened it or accidentally sent it to the team:

  • Disconnect device from internet

  • Report to Head of TECHSEC  or visit  https://us-cert.cisa.gov/report-phishing  to report phishing sites

  • Inform any team members you might have shared the message with of the phishing email

.

bottom of page