A Beginners Guide to Information Security Awareness – Part 2

• Think before you click unknown links in your email.
• Don’t type sensitive information in an email.
• Pay attention to phishing traps in your email and watch for tell-tale signs of a scam.
• Don’t open mails or attachments from an untrusted source.
• If you receive a suspicious email, the best thing to do is to delete the message or add it as SPAM in your email settings.

Do not share, write down or send your password over insecure websites e.g Websites’ URLs starting with http:// .

You should only type your passwords and confidential data on websites’ URLs that begin with  https://

• Look for evidence that a webpage is secure and legitimate before you enter sensitive data.
• When banking or shopping, check to be sure the site security is enabled.
• Look for web addresses with  https://  which means the site takes extra measures to help secure your information. “http://” is not secure.
• Surfing the Internet on suspicious websites should be avoided. Some of these websites are developed with the sole purpose of spreading malware.

• Use different passwords for different accounts. If one password gets hacked, your other accounts won’t be compromised.
• Information you share online about yourself or comments you post can become public. They also may remain in search results for years to come, potentially visible to a future employer.
• Don’t post any private or sensitive information, such as credit card numbers, passwords or other private information, on public sites, including social media sites.
• Manage who can view your social media profile and how public or private you want your profile to be.

• Confirm an anti-malware program is installed and is automatically updated at least once a day.
• Anti-malware programs helps protect your computer by scanning downloaded files for the latest threats, and detecting and removing any detected virus(es) before they have a chance to inflict damage on your system.
• Don’t install unauthorized programs on your work computer. Malicious applications often pose as legitimate software.
• Don’t plug in portable devices to your work computer at the office without permission. Your phone might be compromised and can spread malware through the network once plugged to a computer.
• Prevent unauthorized access to your data by locking your computer (Windows Key + L) when not in use.

• Always display your identity cards when within your work premises.
• Challenge unknown visitors without an access badge (Politely).
• Do not bring weapons, hazardous/combustible materials etc. into your work premises (Things can go from 0 to 100 real quick).

• Social engineering exploits your trust by tricking you into helping a criminal gain access to your computer and sensitive personal information.
• Scams such as your business email or social account compromise rely upon social engineering in order to be successful.
• Be cautious of communications that persuades you to act immediately, offering something that sounds too good to be true, or asks for personal information.
• Don’t be deceived into giving away confidential information. It’s easy for an unauthorized person to call and pretend to be an employee or business partner.
• Don’t respond to phone calls or emails requesting confidential data.