"Top 10" Online List of Secure Computing Tips
1. Don’t tap or click a link in an email message or document and expect it to take you to a financial site. Take the time to type the address into your browser. You’ve heard it a thousand times, but it’s true.
2. Don’t open an attachment to any email message until you’ve contacted the person who sent it to you and verified that she intentionally sent you the file. Check the RELY TO email address, as Phishing attempts come from known lead roles, posted on your website, or LinkedIn, etc. Verify it's from the user's email, with exact spelling, as some Phishing goes as far as changing the Reply To email, by one letter, or easily missed change. ie: firstname.lastname@example.org, changed to email@example.com, or @denvrteam.com.
Even when legit, it can be a virus, so use your judgment and simply email the fellow staffer, a new email, asking if they meant to send this file or link, to you.
Any request to change, edit, alter, send ANY financials should not be done online, ever. Internal Company Policy should be to require two signatures for any financials, or talk in person.
3. Don't use or open your or any personal email on office systems, and vice versa, do not open work email on your home pc, unless it's verified secure.
Please never Remote into office Servers, using any pc other than your work pc, that has been setup via the IT team/us.
Please never use your work email address to create any username, ie: Hotels, Amazon, you name it. Nor use Social Websites, click links. Simply use your work email, for work or work system, and even then if you receive an attachment from a coworker, if you are not expecting, or it isn't common, still do not open right away, first email them, using a new email, and ask if they meant to send, said file/attachment.
4. Today, many emails can say your bosses name, or fellow employee in the descriptive name, but if you Reply To, verify the reply To address is legit. Spoofing is when you receive a message claiming to be from someone you know, yet the Reply to email address is fake. * Esp beware if they ask to change any bank or financial information, or ask anything of you, including, to click a link or file. Best to email them directly, outside the sent email, and inquire about the suspicious email. Your boss will not get mad, that you waited for his/her confirmation, and most internal company policies are to Never digital request for financials, that should be managed in person, or signed off on. Trust your instincts, and be suspicious as your IT Admin can deploy the most secure Anti Virus and End-Point protection on earth, but it's your caution that ultimately protects your work. Security starts between the ears.
5. The most secure way to store passwords in 2018 is to use a dedicated password manager, or encrypt a file, and save to cloud account - never save password in your web browser. An intruder who has unrestricted access to your computer for even a minute can view and copy all of your saved passwords just by visiting an easy-to-remember settings page: chrome://settings/passwords.
The best password managers for 2019
6. Don’t forget to change your passwords. and don’t use the same password for two or more sites. ** If you reuse your passwords, make sure you don’t reuse the passwords on any of your email or financial accounts. Some companies require password changes, but its your efforts that make the difference, at work and home. Security starts with the end user practices, as all the leading Anti Virus programs are learning the newest vulnerabilities day to day. Its up to us, to help stop the villains!
7. Don’t use Wi-Fi in a public place unless you’re running exclusively on HTTPS-encrypted sites or through a virtual private network (VPN).
8. There are lots of scams — and if you hear the words “Western Union” or “Postal Money Order,” run for the exit.
9. Don’t trust anybody who calls you and offers to fix your computer. The “I’m from Microsoft and I’m here to help” scam has gone too far. Stay skeptical, and don’t let anybody else into your computer, unless you know who he is.
10. Don't let others use or know your Office login, no matter if you work together or are friendly. Better safe than sorry.
Protect your Personal Information: