Frequently Asked Question

1. Be Skeptical:

Question Unexpected Emails: If you receive an unexpected email, especially those urging urgent action, verify its legitimacy. Check the sender's email address and be cautious about clicking on links or downloading attachments.

2. Verify Sender Identity:

Check Email Addresses: Scrutinize the sender's email address for inconsistencies or slight variations from official addresses. Legitimate organizations usually have consistent and recognizable email domains.

3. Avoid Clicking Suspicious Links:

Hover Before You Click: Hover your mouse over links to preview the destination URL. Ensure it matches the purported link's content. Avoid clicking on links in emails from unknown or unexpected sources.

4. Verify Requests for Personal Information:

Double-Check Requests: Legitimate organizations rarely ask for sensitive information via email. Verify requests for personal or financial details by contacting the organization directly through official channels.

5. Stay Informed:

Educate Yourself: Stay updated on common phishing tactics. Understand the different types of phishing attacks, including spear phishing, vishing (voice phishing), and smishing (SMS phishing).

6. Use Two-Factor Authentication (2FA):

Enable 2FA: Whenever possible, enable two-factor authentication for your accounts. This adds an extra layer of security, even if your password is compromised.

7. Keep Software Updated:

Regular Updates: Ensure your operating system, antivirus software, and other applications are up to date. Updates often include security patches that protect against known vulnerabilities.

8. Be Cautious on Social Media:

Limit Personal Information: Be mindful of the information you share on social media. Avoid sharing sensitive details, such as your address or phone number, publicly.

9. Report Suspicious Activity:

Use Reporting Channels: If you suspect a phishing attempt, report it to your IT support or the designated reporting channel in your organization. Prompt reporting helps in taking preventive measures.

10. Attend Security Awareness Training:

Participate Actively: Engage in cybersecurity awareness training programs provided by your institution. These sessions offer valuable insights into recognizing and defending against phishing and social engineering.

11. Verify Unusual Requests:

Contact Directly: If you receive a request for money, access, or information that seems unusual, independently verify the request by contacting the person or organization directly through trusted means.

12. Trust Your Instincts:

Err on the Side of Caution: If something feels off or too good to be true, it probably is. Trust your instincts and seek guidance if you are unsure.

By adopting these practices, you contribute to a safer online environment for yourself and your community. Remember, being vigilant and informed is the first line of defense against phishing and social engineering attacks.