Our IT teams regularly send out notices on phishing scams, password resets, and links to be weary of within emails. Have you ever wondered what it all means and why it’s so important? Here we will go over what it all means, why you should pay attention to these notices from IT, and email and password best practices to help keep your information secure.
Phishing is the process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity using bulk email which tries to evade spam filters. Emails claiming to be from popular social web sites, banks, auction sites, or IT administrators are commonly used. More than 90% of successful hacks and data breaches start with phishing scams. These emails can cause viruses and lead to ransomware.
What to do if you receive an email that seems phisphy:
Your IT Team will never send a request via email for your password or ask you to verify your password by clicking on a link. If you receive an email requesting to verify your password by clicking on a link, delete it and do not respond to or perform the action being requested. If your company uses Multi-Factor Authentication where possible and multiple layers of security, you are the last defense against these kinds of threats!
Email Best Practices
✔️Report any suspicious email activity to your IT team to ensure they are aware of the attack.
✔️Always double check the sender and ensure the ‘From’ address is accurate.
✖️Don’t take any action. Delete the email instead of unsubscribing, replying or taking any action other than delete.
Password Best Practices
✖️Do not use passwords between computer applications inside or outside of your organization. If you have used the same passwords at work as you have for outside applications. If you do use the same or similar passwords, you should change your business passwords ASAP.
✖️Don’t write down or store your passwords on paper in plain sight! Please do not document passwords on paper and leave them at your desk where they can be seen by others.
✔️Rotate/change passwords every 90 days or sooner.
✔️Create unique passwords that use a combination of words, numbers, symbols, and both upper- and lower-case letters. Some of the easiest-to-remember passwords aren’t words at all but collections of words that form a phrase or sentence, perhaps the opening sentence to your favorite novel, or the opening line to a good joke. Complexity is nice, but length is key.
✖️Do not choose passwords based upon details that may not be as confidential as you’d expect, such as your birth date, your Social Security or phone number, or names of family members/pets.
Extra Resources on Email and Password Best Practices
Email Security Do’s and Don’ts
Phishing Social Media and General Email Subject Lines