Security: User Education and Awareness

Published
My Password - keep it safe!

In this article, we’re going to cover a few vital tips on how to educate users to keep your IT systems safe the best part: it doesn’t cost a penny. There’s plenty of thought-provoking information on the rest of the page and we’ve also included an informative, government-backed, video from The Centre of National Infrastructure Protection at the bottom.

One of the biggest threats to the security of your systems are the users. We’re not talking about malicious activities here, just simple mistakes and bad practices that many of us are guilty of.

User awareness and filtering is often the best defence against cyber threats and attacks.

We ask that users question anything that looks suspicious.

Be suspicious

Look at everything suspiciously, if something does not look right then ask as it may not be:

  • Should I be receiving an email with an invoice attached?
  • Would my bank ask me this?
  • Would they say that?
  • That popup does not look normal

If on Doubt Ask! As a customer of Get Support IT Services’ IT Support Department service, we’re only a phone call or email away. Always feel free to ask our friendly team of experts if you’re at all concerned it’s best we check it out for you.

Details by email

If a supplier sends you new bank details – always call them on a number you know is theirs and check the bank details are real. Don’t just call the number on the bottom of the email. There are an increasing number of very sophisticated frauds when a party sending money is convinced to change the bank details at the last minute and transfer money straight into the bank of a fraudster.

If in doubt Ask! But we can’t help you with this one – you need to call the other party involved.

Phishing

Phishing is an attempt to obtain sensitive information such as usernames, passwords, and credit card details, and money. This is often for malicious reasons by disguising as a trustworthy entity in an email or website. Examples of these include:

  • Fake bank emails are asking you to click through to log in – You bank will never send you a link asking you to log on or ask you for your username, password, pass phrase or passcode by email.
  • Fake invoice emails
  • Fake delivery emails
  • Fake email alerts

How to spot phishing emails:

  • Is the email address correct? (Look really closely – there are ways to set an additional emailed address as a display name to try and trick you)
  • Is the content correct/suspicious/ are there any typos?
  • Am I being asked for something that’s not right?
  • Should I be receiving this kind of email?
  • Was it in your Junk folder or quarantine?
  • Is the email generic or have you been provided with information that only the real sender would know?
  • Does the link go to the correct URL? You can check this by hovering over it
  • Don’t click links in emails where possible, go to the site directly
  • Password Managers can help. If the website does not have the correct address, your Password Manager won’t offer you the password to login

In a future blog post, we’re going to look at password security and password managers.

Feel free to share a link to this page to your team. Get everyone thinking about security. If you would like advice on how to train your team please use the contact form at the bottom of the page or give us a call.

There’s a good, informative video below all about Phishing and Spear Phishing:-

Latest From The Blog

Microsoft 365 Copilot Release Roundup: August, September, October 2024  

Discover the latest updates for Microsoft Copilot released during August, September, and October 2024.

What's new with the Windows 11 24H2 update?

Here’s a Get Support guide to the latest Windows 11 24H2 update, including what matters most for small businesses.

Microsoft BizChat is far more important than it sounds

It might sound like the name was dreamed up in the early 2000s, but Microsoft BizChat is a deceptively powerful tool for small businesses.