- Don’t click on direct links (in emails, text messages, etc.), especially those that are asking you to enter sensitive information. It’s best to go directly to the source.
- Don’t overshare on social media. These details can provide hackers with your location, ammunition
to craft spear phishing attacks, and answers to security questions. Think before you share!
- Don’t go “out of bounds” for communication. E.g. if you’re buying something on eBay, and the other
party wants to negotiate via email instead of the bidding system.
- Never reuse passwords between any website or service.
- Always be skeptical of any unexpected invoice, or request to get or pay for anything by using gift
- Never answer authentication recovery questions (e.g. What is your mother’s maiden name?)
with real answers. Unfortunately, that means you’ll have to write down each question and
answer for each website that requires them, but you’ll be far less likely to have your
- It is ok to speak to (confirm with) an email sender’s request to transfer that $30,000 by the end of
the day, even if it is your boss. Better safe than sorry.
- Know who to report any suspicious emails to at your workplace. Don’t delete the email – report it.
- Invest in a password management tool – ain’t nobody got the time to remember all those
- Be vigilant with suspicious SMS messages. Your bank will NEVER ask you to access your account
from an SMS.