New vulnerabilities and attacks on online data are always being uncovered. The Thomas Technology group would like to remind everyone of some security tips to help protect against this, as well as other threats (Phishing, Viruses, Spyware, Identity Theft, etc.).
- Don’t click on links in unsolicited emails!!!
- This is always a tricky step to navigate through. In most cases, a link from someone you know or an email you are expecting is safe (such as the ones at the bottom of the TeamThomas IT Emails). To help validate these links, we suggest hovering your mouse over the link without clicking. Next, confirm what it says on-screen matches what the browser shows on the bottom of the page (see screen-shot).
- Another link example is when the visible text has the link embedded into it directly. If you hover your mouse over the linked words, you should easily be able to confirm where that link will go as well:
- If the text says one thing, but hovering shows another, please be very suspicious of that link.
- Phishing sites rely on a person clicking on a link without being a bit more cautious. The email will come in and claim to be from “Your Bank” but the link will go to “Bad Guy’s Website” and it will be crafted to look almost exactly the same as “Your Bank’s” website. If you hover your mouse over the link, you might see that the link isn’t actually taking you to “Your Bank”. If you are unsure if an email is legitimate or not, go directly to the website it is purporting to be by typing the URL in the browser bar manually.
- Similarly: Be wary of attachments in emails, and don’t open them from unknown/untrusted sources!
- Often, attackers will send over Word, Excel, PDF, ZIP, or HTML files, asking you to perform some sort of action on them (click on links within, download/run, enter personal info, etc.). Again, if the sender is asking you to do this and is purporting to be a specific site, then go directly to the site by typing the URL manually. If unsure, contact the TeamThomas IT HelpDesk, or call the site’s customer service line (especially if it is a banking or credit card site).
- Don't accept any "updates" from 3rd party websites.
- This includes any site that claims you need an updated: Flash, Java, Shockwave, Silverlight, Defender, Windows Patch, Chrome, Firefox, etc., etc., etc. Always go directly to the vendor's source to obtain any patches, never click links on sites that offer them to you. If in doubt, do nothing, and contact support!
- Backup your data!
- Worst case scenario, if your system crashes/becomes inaccessible, having a backup of your data is invaluable! There are many inexpensive backup solutions available for home-use, and anything you save on network drives at Thomas is backed up automagically, as well as documents you save in Google Drive.
- Use a strong and unique password!
- Use multifactor authentication whenever possible! If your password is stolen, and you were also using multifactor authentication, an attacker's ability to gain access to that account is significantly reduced.
- The next two steps are (generally) done automatically by the operating system, but should be done manually from time-to-time as well. We suggest you also follow these steps on any computer that you manage on your own (i.e.: your home computer).
- Keep your system updated with security updates and patches!
- This includes, but is not limited to: Windows Updates, macOS Updates, FireFox Updates, Chrome updates, MS-Office Updates, Java, Flash, Adobe Reader, etc.
- Most of these programs will “auto-update” themselves, but it doesn’t hurt to manually do so from time-to-time.
- Run anti-virus/anti-spware software and keep the definitions updated!
- Again, these programs will likely "auto-update" themselves.
- Keep your system updated with security updates and patches!
Comments
0 comments
Please sign in to leave a comment.