Module

Topic

Content

Block no.

Updated/ New

Am I really a target?

Cybersecurity context setting.

It’s the age of Technology! There’s no denying it. We rely on technology for everything from recipes to directions. But all this information, data and convenience, comes at a price: an increased threat of cyber attacks.

1913

Updated

Am I really a target?

High-profile examples of targeting.

Bonus content: Digital warfare On 24th February 2023, Russia staged a cyber attack against Ukraine which was felt internationally. Wind farms in central Europe, internet users across France, and the Ukrainian military were all affected.

1918

Updated

Am I really a target?

The potential impact on individuals and organisations.

Whomever the criminal may be, think of the damage that could be done. Could your information be used to withdraw funds or spread malware to loved ones? Could your work accounts be used to install ransomware or leak sensitive information? The damage caused by cybercriminals is not always financial. The damage could be reputational or even psychological.

1943

Updated

Am I really a target?

The CIA triad.

When it comes to information security, think CIA. Confidentiality. Prevent sensitive data getting into the wrong hands. Make sure all information is correctly classified and people can only access what they need to. Integrity. Keep your data accurate and consistent. Make sure only authorised people can access information and alter it. Put in processes to prevent its alteration in transit. Availability. Make sure information is accessible to those who need it. Keep systems that hold data protected and maintained.

7721

New

Passphrases

MFA brute force attacks

MFA is great, but it’s still vulnerable to brute force attacks. If someone can get hold of the ‘something you have’, they can likely guess the ‘something you know.’ Protect your accounts by always using MFA in conjunction with a strong passphrase.

1990

Updated

Passphrases

Layering

Layering up Passphrases are the best kind of password. No doubt about it. But Fort Knox wouldn’t be famous if it had only one defence. If you want your accounts fighting fit, use biometric readers, multi-factor authentication (MFA), and a password manager alongside your passphrase. Note: Your organisation may have security protocols in place you must use in conjunction with a password. Read your company’s security policy or ask your IT department for advice.

1987

Updated

Passphrases (story-style)

MFA brute force attacks

MFA is great, but it’s still vulnerable to brute force attacks. If someone can get hold of the ‘something you have’, they can likely guess the ‘something you know.’ Protect your accounts by always using MFA in conjunction with a strong passphrase.

6989

New

Preventing identity theft

Introduction

You are more likely to be affected by identity theft than any other type of cybercrime. We’re going to show you just how simple it is to steal an identity, and everything you need to do to stay protected.

2046

Updated

Preventing identity theft

Social media

Unfortunately, criminals also use social media to ‘fill in the gaps’ when researching victims. They look for full names, dates of birth, addresses, education histories, pet names and family members. This doesn’t mean we shouldn't use social media. It just means we need to keep a few things in mind. Things like:

2060

Updated

Preventing identity theft

Social media

Do they contain sensitive information (like details of debit cards or flight tickets)?

3050

Updated

Preventing identity theft

Social media

Have you geotagged yourself? Geotagging doesn’t just let people know where you are - it lets them know where you’re not!

3051

Updated

Preventing identity theft

Social media

Information posted to professional social media accounts can be used by criminals to orchestrate social engineering attacks. Before posting, consider if and how your post might be used by a criminal, either in isolation or when combined with other information.

3052

Updated

Preventing identity theft

Social media

Review privacy settings on social media to check what strangers and cybercriminals have access to. Click the links below for more information. Facebook Twitter Instagram Snapchat TikTok LinkedIn

2062

Updated

Preventing identity theft

Social media

Pro tip Use Google’s Manage your reputation tool to see exactly what personal information is publicly available and remove any unwanted content or associated search results.

7722

New

Preventing identity theft

Mobile phones

SIM swapping sees criminals gain access to your phone by requesting a new SIM card from your network provider. This is how: First, criminals contact your phone company pretending to be you. Next, they answer a series of security questions. If successful, they amend your address. Then, they request a new SIM card. Finally, they activate the new SIM card. Your SIM stops working and all phone calls and text messages are diverted to the criminal.

2072

Updated

Preventing identity theft

Mobile phones

Protect yourself from SIM swapping by contacting your network provider and setting a password on your account. In the future, they’ll ask you for your password instead of security questions.

2073

Updated

Preventing identity theft

Bulletproofing your identity

Unauthorised transactions made from your bank account. Letters or emails about products or services you do not recognise. Letters or emails failing to arrive. Phone calls and text messages suddenly cease. Goods delivered without being ordered. Credit or debit cards being declined, or refusal for credit related services.

2931

Updated

Preventing identity theft

Bulletproofing your identity

If you think you are a victim of identity theft, take immediate action. Criminals will act quickly to exploit your details for maximum gain; you need to act quicker. If you notice unauthorised transactions or a credit/debit card is declined, contact your bank or card provider. If phone calls or text messages suddenly cease, contact your network provider. If you receive letters, emails or goods you weren’t expecting; or letters, emails or goods you were expecting fail to arrive, contact the company or provider concerned.

2934

Updated

Preventing identity theft

Bulletproofing your identity

Doing so prevents criminals from registering your details at their address so they can redirect and intercept your mail. Next time you vote, be sure to tick the box requesting your information be removed from the public electoral register. All the information needed to commit identity theft lies in a single bank statement. So, stealing mail is a highly effective way of committing identity theft.

2081

Updated

Preventing identity theft (story-style)

Introduction

Over the next few weeks, Gemma discovered her identity had been stolen. “Gemma Comel'' had opened accounts, racked up bills, and spent frivolously. Now, it was time to pay.

5699

Updated

Preventing identity theft (story-style)

How to steal an identity

A name, address and phone number. That’s all it takes to steal an identity.

5671

Updated

Preventing identity theft (story-style)

How to prevent identity theft

1. Review privacy settings. To make sure information cannot be viewed by strangers. 2. Consider what you share. Could what you share be used to guess answers to security questions, assist in credit applications, or work out information about clients and suppliers? 3. Manage your online reputation with Google. Have photos or information been posted without consent? Google’s Manage your reputation tool shows exactly what personal information is publicly available and gives you the power to remove any unwanted content or associated search results. Take a few minutes to review your privacy and make your identity more secure.

5945

Updated

Preventing identity theft (story-style)

Securing your mobile phone

Protect yourself from SIM swapping by contacting your network provider and setting a password on your account. In the future, they’ll ask you for your password instead of security questions. Easy.

5685

Updated

Preventing identity theft (story-style)

Securing your mobile phone

To stop other people using your SIM card to make phone calls, intercept messages or use cellular data, you can use a SIM PIN. Every time you restart your device or remove the SIM card, your SIM will automatically lock and you'll see "Locked SIM" in the status bar. Never try to guess a SIM PIN. The wrong guess can permanently lock your SIM card, and then you would need a new SIM card. If your device asks for a PIN or code that you don't know, here's what to do: Contact the carrier that gave you the SIM card. If you aren't sure which carrier to call, remove the SIM card and check the card for the carrier's name or logo. Ask your carrier to help you unlock your SIM card using the default SIM PIN or PUK code. If you can't unlock your SIM card using the SIM PIN or PUK code, or if an alert states "PUK exhausted", ask for a new SIM card.

5946

Updated

Preventing identity theft (story-style)

Taking control

The final piece of the puzzle - taking control of the same tools a criminal would use to steal your identity. According to our psychologists, if you complete just one today, you’ll likely complete the rest over the next few days. […] The information needed to commit identity theft lies in a single bank statement. Make sure your mailbox is tamper proof. Shred any documents containing personal details before recycling them.

5686

Updated

Device security

Antivirus

Antivirus provides near-comprehensive coverage against known online threats and, once installed, removes the worry associated with clicking on the wrong thing. It gives you peace of mind.

2953

Updated

Device security

Antivirus

Check if your organisation uses a specific antivirus. You may get access for free! If not, review your options before purchasing. And don’t use more than one antivirus program at a time. Different programs can conflict with each other. Whatever the case, always set your antivirus software to auto-update.

3024

Updated

Device security

Firewall

Bonus content: Firewall setup Firewall setup: Apple Apple icon >> System Settings >> Network >> Firewall >> Make sure the Firewall toggle is ‘On’ Firewall setup: Windows Settings >> Update & Security >> Windows Security >> Open Windows Security >> Firewall & network protection >> Select ‘On’ for Domain, Private and Public network.

2201

Updated

Device security

Updates

After any security update is released, the updated security code is compared with its previous version to find out what the update fixed. The comparison reveals the vulnerabilities in the old code, which criminals exploit to create malware. This malware is then spread in the hope of finding victims who have yet to implement the latest updates. This is exactly what happened in the WannaCry attack of 2017. The easiest way to manage updates is to set them to install automatically. This should be done for both software and operating systems.

2205

Updated

Device security

Permissions

On your work computer: Make sure you have only the permissions you need to carry out your role. If you have access to a system that you don’t need, let your organisation know.

3062

Updated

Device security

Encryption

‘Encryption’ is the process of locking data so it can’t be read by unauthorised parties. Encryption can be applied to data when it’s in transit and/or when it’s in storage. If your computer is ever lost or stolen or if data is extracted remotely, as long as you’ve enabled encryption, your files will be protected.

2215

Updated

Device security

Encryption

Bonus content: Encryption setup Encryption setup: Apple Apple icon >> System Settings >> Privacy & Security >> Click ‘FileVault’ >> Click the lock icon >> Enter admin credentials >> Click ‘Turn On FileVault’ Note: This will give you the option to use your iCloud account and password, or a recovery key that’s created for you. If you choose the recovery key, keep a copy of the key somewhere other than your encrypted startup disk. If you lose both your account password and your recovery key, you won't be able to log in to your Mac or access the data on your startup disk. The encryption may take some time to complete, but will run in the background. Encryption setup: Windows Login with your administrator account >> Start >> Settings >> Updates & Security >> Device encryption >> Turn Device encryption on

2218

Updated

Device security

Backups

At home, the quickest, cheapest and most secure way to backup data is via an external hard drive or USB memory stick. Just make sure the backup device doesn’t remain connected to your computer when it’s not in use!

2222

Updated

Device security

Clouds

Clouds are computer networks located somewhere else in the world. When you use a cloud service, you’re doing nothing more than connecting to another machine in order to access a service on that machine, such as a software program or storage space.

2224

Updated

Device security

Clouds

Yes! Absolutely. But be sure to use a reputable cloud service provider you trust and has appropriate security measures. And don’t use a cloud as your only means of backup. No cloud storage solution is 100% secure. Malware, such as ransomware, can still reach a backup stored in a cloud. Be sure to periodically backup your really important files to an external hard drive or USB memory stick.

2227

Updated

Device security

Mobile phones and tablets

Apps are the most common way for malware to infect a mobile device. Common variants target banking applications, or send silent text messages to high rate numbers. Before installing, check the number of times an app has been downloaded, the app reviews, and the permissions it requests from your device. Android users should be careful when installing apps from anywhere other than the Google Play store. Make sure Google Play Protect is enabled.

2233

Updated

Protecting your devices

Too close for comfort

And avoid using passphrases on their own. Layer your defences with multi-factor authentication.

6514

Updated

Protecting your devices

The good, the bad, and the useless

MFA is incredible. It will take your accounts from 50% secure to 99% secure. BUT ONLY if used in conjunction with biometric identification or a strong passphrase while notifications are off. Without them, MFA is still vulnerable to brute force attacks. Learn how to set up MFA here.

6517

Updated

Protecting your devices

Summary

Our phones contain our most personal details. So keep them secure! Use a strong passphrase combined with MFA and a password manager to keep people out. Keep your phone and apps updated and your files encrypted.

6561

Updated

Are you really a target?

How do you like your eggs in the morning?

Within minutes, the fraudster has access to Joe’s accounts. Netflix, Amazon, Facebook, Instagram, LinkedIn, TikTok, the lot.

6494

Updated

Are you really a target?

How do you like your eggs in the morning?

Find out what information about you is publicly available using Google’s Manage your reputation tool. It shows exactly what information is publicly available and gives you the power to remove any unwanted content or associated search results.

6495

Updated

Are you really a target?

Coffee, anyone?

And be sure to enable visible file extensions. Attached files ending in ‘.exe’, ‘.vbs’ or ‘.scr’ perform an action and could put your device at risk.

6505

Updated

Are you really a target?

Coffee, anyone?

Spyware comes in many different forms, but all forms can be detected. If you suspect your device is infected with spyware, take the following steps: Check for any apps you didn't download. If you spot an app you don't recognise, uninstall it. Check your device activity using Task Manager (Windows) or Activity Monitor (Apple). This will help you spot and stop unauthorised applications. Scan your device using an anti-virus software of your choice.

7724

New

Are you really a target?

A hard day’s night

Joe’s accounts have been breached. ‘Not to worry’ Sam calmly states. ‘Go into your accounts and change your passwords to separate passphrases. Then, enable multi-factor authentication on accounts that allow it’

6539

Updated

Public Wi-Fi

Is Wi-Fi safe?

It seems absurd, but this is fundamentally how information is transmitted when we use public Wi-Fi. It’s nothing to do with the security of your device or the website you are using. Wi-Fi is insecure by design.

2004

Updated

Public Wi-Fi

Tethering

You can find out how to tether your mobile here.

2020

Updated

Public Wi-Fi

Use a Virtual Private Network (VPN)

Use a Virtual Private Network (VPN)

6079

New

Public Wi-Fi

Use a Virtual Private Network (VPN)

If you own a company device with a VPN, keep it switched on. No VPN means data can be intercepted en route. VPNs are there to protect you, prevent security breaches, and let you use Wi-Fi freely.

2030

Updated

Public Wi-Fi

VPNs for personal use

You’ll be surprised how easy it is to set up and use a VPN. As with any service, you get what you pay for. Some VPNs are free, others come with a fee. The paid-for variants are usually quicker and more trustworthy.

2031

Updated

Public Wi-Fi

VPNs for personal use

Although good VPN operators state they don’t store information, they do have the ability to see your information as you use their service. But it’s still preferable to use a reputable VPN than to expose your information to Wi-Fi hotspot owners or other users.

2033

Updated

Public Wi-Fi

VPNs for personal use

Having trouble turning your VPN on? Head to Advice for more information.

2034

Updated

Public Wi-Fi

Bonus content: VPN advantages

VPNs provide some cool benefits on top of security. They allow you to > set yourself a virtual location, allowing access to services or websites usually available only in other countries. > stream your favourite films and games from anywhere. This feature is great if you are travelling and want to catch up on your favourite shows. > encrypt virtual calls so they cannot be intercepted. > prevent search providers from tracking your search records. > increase the speed of your service. Internet service providers (ISPs) sometimes place limits on streaming speeds to regulate bandwidth. Using a VPN prevents your ISP from seeing what you’re doing, overcoming restrictions.

2035

Updated

Browsing securely

Introduction

Today’s criminals are using new techniques to make malicious websites look and feel safe. They’re upping their game. To stay safe, we need to up ours.

2119

Updated

Browsing securely

The padlock

The padlock indicates a website has a security certificate. Security certificates used to be hard for site owners to acquire. This is no longer the case. Security certificates can be obtained in seconds, for free. If a website is owned by a criminal, and it has been created to steal details, it’s unsafe, padlock or not.

2121

Updated

Browsing securely

The padlock

The internet is not the only place where you can find malicious links. Be careful of any QR codes you come across in the wild. They can easily link you to fake websites. If you’re not sure what the QR code is for, who put it there, or who owns it, don’t scan it.

2128

New

Browsing securely

Understanding URLs

A URL, or Uniform Resource Locator, (also known as a website address or domain name) specifies the location of a web resource in a computer network. Knowing how URLs function and how they are exploited is key to identifying malicious websites.

2126

Updated

Browsing securely

Understanding URLs

A variety of techniques are used to create fake URLs. These techniques are examples of ‘typosquatting’. You’ll no doubt be aware of the most common: Here’s how criminals use URLs to cause harm: Step 1 - Create a website identical to a well known online service in which personal and/or payment information is regularly entered by users. Step 2 - Register a URL that looks similar to the service’s actual URL. Step 3 - Configure the URL so that when clicked, it directs to the fake website.

2132

Updated

Browsing securely

Understanding URLs

If you suspect a website of being fake, use a search engine to find what you were looking for. Search engines will help navigate to your desired destination while highlighting user reviews and scam reports.

2139

Updated

Browsing securely

Bonus content: Other sections

The protocol tells your browser how to communicate with the website. The two most common protocols are ‘http://’ and ‘https://’.

2370

New

Browsing securely

Bulletproof your browser

If you’re completing this module on a personal computer, follow along to add extra layers of security to your browser. Browser setup To fine-tune your browser setup for maximum protection, head to Advice and read the instructions specific to your browser. Extensions Extensions are small pieces of software that are downloaded and added to your browser. The ones we have listed below will improve browsing speed, prevent malware from running, remove adverts and pop-ups and stop websites from tracking you. The suggestions here are made based on our ongoing personal use. Ghostery uBlock Origin Privacy Badger Note: Sometimes an app may stop a website from running as intended. If this happens just click on the icon and switch it off for that website. If you already have some installed, find out how to check whether they’re safe here.

2175

Updated

Browsing securely

Summary

3. Layer up your defences! Install antivirus and add browser extensions to bolster your browser security.

3069

Updated

Social engineering

What is social engineering?

Social engineering is the art of tricking people into taking actions they normally wouldn’t. It relies on a criminal’s ability to exploit human traits, such as curiosity, courteousness, gullibility, greed and trust. Criminals convince people to reveal confidential information, or to take actions that lead to confidential information being disclosed. Protecting yourself from social engineering means learning to control these emotions and knowing who, what and when to trust.

2299

Updated

Social engineering

Phishing

Phishing is social engineering by email, the most common form.

2305

Updated

Social engineering

Phishing

Bonus content: Attack of the clones

6024

Updated

Social engineering

Vishing

Vishing is social engineering by voice, or phone. A vishing call can be an attack in itself or part of a larger attack.

2321

Updated

Social engineering

Vishing

Vishing as an attack: A phone call is made with the intention of eliciting information from the recipient. Criminals may pose as colleagues needing assistance, IT teams requiring remote access to a machine, or a customer, all to trick targets into revealing confidential information.

2325

Updated

Social engineering

Vishing

Vishing as part of an attack: A phone call is made to support a malicious email or message that’s already been sent. A common method is for criminals to fake an email requesting a payment is made, and follow up with a phone call pretending to be an accountant or solicitor, to pressure the recipient into making the payment quickly.

2326

Updated

Social engineering

Vishing

Vishing as pretext: A phone call is made to create a ‘pretext’ (or to ‘set the scene’) before an attack is carried out. The idea is to get the target ready, so that when the attack takes place the target is expecting it. Pretexting can take place via phone, email, text message, or even in person.

2327

Updated

Social engineering

Smishing

Bonus content: Call forwarding Criminals can take smishing a step further. Criminals will pretend to be from your mobile network, internet provider, or even a government agency. They’ll tell you of an account breach or an issue with your SIM card and give you a number to dial from your phone. What the scammers are doing is forwarding your calls and messages to their number. They will use this to access your accounts. They can even set up MFA to prevent you getting access back.

6881

Updated

Social engineering

Baiting and in-person attacks

QR codes could appear on stickers almost anywhere. Workplace toilets, club walls, lampposts, you name it. They may entice you with discounts, offers, or simply the mystery of where they lead. Once scanned, they could infect the device with malware, or ask you to input confidential information.

2302

New

Social engineering

Baiting and in-person attacks

Sometimes, the only way criminals can attack an organisation is by gaining physical access to computers and other assets. Skilled social engineers will have a cover story to explain why they’re in a building. They might claim they’re meeting someone they know, conducting maintenance work, or that they usually work from another office.

2337

Updated

Social engineering

Baiting and in-person attacks

Charging points can also be used to transfer data. Criminals can hijack these charging points to infect connected devices. This is known as ‘juice jacking’. When using a charging point, disable the ‘automatically transfer data’ function on your device, or use a charging-only adapter.

2300

Updated

Social engineering

Baiting and in-person attacks

Baiting attacks rely on your emotions trumping your common sense. This could be anything from curiosity (leaving a USB stick near your car) to kindness. If someone you don’t know, or haven’t known for very long, is asking you to send them money or invest in cryptocurrency, it could be a scam. This is known as ‘pig butchering’. Head to On-demand help to find out more. If an unexpected call, text or email has made you feel emotional, stay calm. Stay in control of your actions. If you weren’t expecting it, report it!

2334

Updated

Social engineering

Fighting social engineering

Fighting social engineering

Updated

Social engineering

Fighting social engineering

Is in-person approach or phone call unexpected?

3021

Updated

Social engineering

Summary

All emails, all text messages and all phone calls can be faked to appear as if they’re from someone else. For emails, check the sender details.

3075

Updated

Sophisticated attacks

Step 3: Attack

What to look out for: USB devices and QR codes Any USB device can be harmful. This includes charging cables. Labels like “bonus payments” can make USBs enticing. Letting curiosity take over can be risky. Report any stray USB devices you find. Plugging them in isn’t worth it. The same applies to QR codes. They can be found anywhere from toilet doors to lampposts. If you’re not sure what they’re for, ignore them. If you see any in your workplace, report them.

5996

Updated

Sophisticated attacks

Step 3: Attack

This kind of attack is known as ‘pig butchering’. Sophie has ‘fattened up the pig’ using emotional leverage, then attacked (the ‘butchering’). Pig butchering comes in all shapes and sizes. From romance fraud (a new beau asking you to send them money) to investment opportunities (a wealthy stranger giving you the opportunity to invest in their business). In any case, stay calm and composed. Do some research on the person you are talking to. If you suspect it to be a scam, report it. Head to Advice to find out more.

7725

Updated

Malware and breach recovery

What is malware?

Malware is the collective name used to describe programs used by criminals to compromise computer functions, steal data, bypass access controls, or otherwise cause harm to host computers.

2238

Updated

Malware and breach recovery

What is malware?

Ransomware and spyware

2678

Updated

Malware and breach recovery

What is malware?

Spyware (as its name suggests) is designed to spy on people. It’s used to track online activity, collect keystrokes, access cameras, harvest data (such as account information, logins or financial data) and more.

2680

Updated

Malware and breach recovery

Bonus content: Other malware

Viruses attach themselves to software and reproduce when said software runs. Viruses rely on human interaction to spread, either through the sharing of infected files or through infected devices physically plugged into different machines. Worms are similar to viruses but with one main difference: they can spread without any human interaction. The most dangerous worms can even breed across different networks. Trojans are harmful pieces of software that look legitimate. These can be used to create ‘backdoors’ into computers and networks, usually allowing criminals remote access to sensitive information and systems. Grayware is the collective term used to describe unwanted applications and files that worsen the performance of computers and lead to security risks. Unwanted browser extensions, search bars, adware and spyware all fall into this group.

5913

Updated

Malware and breach recovery

What is malware?

Backups render ransomware futile. Use an external hard-drive or cloud service to backup important files.

2681

New

Malware and breach recovery

Links

Links lead to websites. Websites can download malware to your devices. Be especially careful with the ones you weren't expecting to receive. You can check where links lead by hovering over them with your mouse. The true destination will usually be displayed in the bottom left corner of your browser. If in doubt, use a trustworthy search engine to look it up.

2277

Updated

Malware and breach recovery

The signs of infection

If you notice signs of infection on a home computer, it means they can be investigated. If you see them on a work computer, you can report them. In both instances, acting quickly can prevent potential losses to data and/or equipment. Here are the signs to look out for:

2284

Updated

Malware and breach recovery

Breaches

Flagging potential infections gives your organisation a fighting chance to prevent further data loss and reputational damage.

2290

Updated

Security incidents: Your role

What happened to Peter?

Malware can also lock and delete personal files – which is one of the ways the “ILOVEYOU” malware hurt Peter and its other victims. It was ransomware.

5952

Updated

Security incidents: Your role

Part 1: Preventing

Hovering/pressing won’t reveal their destination. Instead, search for the link using a reliable search engine and report the URL to your IT department.

5718

Updated

Security incidents: Your role

Part 1: Preventing

File extensions aren’t always displayed by default. If you use a personal device for work, turning on the “Show file extensions” setting will help you to spot dangerous files. Head to On-demand help to find out how.

5811

Updated

Security incidents: Your role

Part 1: Preventing

Always download apps from reputable sites like the Apple app store or Google Play. Check reviews before downloading.

5974

Updated

Working remotely

Introduction

“Invite to Saleena’s virtual leaving drinks. Awesome. It’s not like there’s anything else to do!” Sarah has been working remotely for nearly a year. At first, she enjoyed her new environment. Cool home-office gadgets, cosy blankets, and a fresh obsession with plants. The novelty quickly turned frustrating. No distractions, no water-cooler chats, no social interaction. Like most people, Sarah’s desire for social interaction skyrocketed.

6374

Updated

Working remotely

Where did Sarah go wrong?

Whether it’s the desire to feel connected or the anticipation of a precious delivery – they take advantage.

6375

Updated

Working remotely

Where did Sarah go wrong?

Check sender’s email address. Do you recognise it? Does it match the name of who the email is from? If not, verify using an alternative contact method. Check email content. Is the email unexpected? Is it too good to be true? If something doesn’t feel right, slow down and report it to your IT department. Check links and attachments. Do you recognise them? Hover your mouse over a link to see its true destination. Use a reliable search engine to check whether it’s safe to open.

6377

Updated

Working remotely

Policies, procedures, guidance, winning

Note: You may live in a country where some providers are not deemed safe. Check first before purchasing.

6380

Updated

Working remotely

Policies, procedure, guidance, winning

Work devices often have a lot of security layers in place. If you can, make sure your work and personal devices are separate. Keep work emails on work accounts and personal emails on personal accounts. Avoid forwarding emails from one to the other, just in case.

6379

Updated

Working remotely

Routers

Unsecured routers can put both personal and work devices at risk Secure your home routers for protection when working from home. Head to On-demand help to find out how.

6389

Updated