Top Tip #1: Keep your PC up to date and shutdown your device overnight.
If you are using a personal device for work activity, ensure that the operating system, application software and Anti-Virus software are kept up to date. For a Windows device, you can do this by typing “Check For Updates” after clicking the Windows icon. It is also good practice to shut down your device overnight as this ensures it goes through necessary updates and reboot cycles. This also ensures your device is not accessible when it is not being used.
Top Tip #2: Do not use personal email accounts or personal cloud storage for sending commercial data.
If sending commercial or work related data, we do not recommend using your personal email accounts or cloud storage.
Top Tip #3: Practice good password management
Ensuring you have a strong password should minimise the risk of having your account compromised. Where possible, use a combination of letters, numbers and symbols and remember that crafting a password that is longer, should make it stronger. Where possible, we recommend enabling multifactor authentication (MFA), which is an additional step to authenticate your account.
Top Tip #4: Be vigilant to spot Phishing emails
When spotting phishing emails, we recommend looking out for poor grammar, punctuation, and design. If the email does not address you by name but as ‘valued customer’ or ‘friend’, this can be a sign that the sender does not know you and is part of a phishing scam. Additionally, look at the sender’s email address and see if it is a legitimate address. Remember, a bank or official source will never ask you to confirm personal details over email.
Top Tip #5: Make sure any public Wi-Fi you are using is secure
Unsecured public Wi-Fi networks are prime spots for malicious parties to spy on all the data sent or received by your device. To mitigate this risk, we encourage that you use a secured Wi-Fi network. You can check if a network is secure on your mobile device, as it will show a padlock symbol, and on a Windows machine when choosing the network that is marked as ‘secured’.
What to do if you suspect you’ve received a suspicious email?
The National Cyber Security Centre (NCSC) and the City of London Police have recently launched a new Suspicious Email Reporting Service which can be used if you receive communication that looks fraudulent.
You can forward suspicious emails to report@phishing.gov.uk More information about this and other tips and guidance for living and working online, including steps to report a cyber crime, can be found on the NCSC website.
