Cyber Security
Do's
- Use Strong Passwords: The National Cyber Security Centre (NCSC) recommends combining three random words to create a password that’s ‘long enough and strong enough’. For example, three random words such as apple nemo biro could be combined into the password applenemobiro. Adding numbers or special characters between the words makes the password even stronger, for example apple3nemo#biro.
- Enable Multi-Factor Authentication (MFA): Add an extra layer of security by enabling MFA on all accounts.
- Stay Updated: When prompted, update your software, applications, and operating systems to protect against vulnerabilities.
- Be Cautious with Emails: Verify the sender's email address and be wary of unexpected attachments or links to avoid phishing scams. If you are unsure about an email, ask for advice.
- Report Suspicious Activity: Immediately report any suspicious emails, links, or activities to IT: support@stclarehospice.org.uk
- Educate Yourself: Participate in cyber security training sessions to stay informed about the latest threats and best practices. Start here:
  https://www.ncsc.gov.uk/collection/top-tips-for-staying-secure-online/
  https://superhighways.org.uk/latest/cyber-security-basics-for-ever/
Don'ts
- Don't Share Passwords: Never share your passwords with anyone, even colleagues or your supervisor.
- Don't Use Public Wi-Fi for Sensitive Tasks: Avoid accessing sensitive information over public Wi-Fi networks without a VPN.
- Don't Ignore Software Updates: Skipping updates can leave your devices vulnerable to attacks.
- Don't Click on Unknown Links: Avoid clicking on links or downloading attachments from unknown or suspicious sources.
- Don't Use the Same Password for Multiple Accounts: Using unique passwords for different accounts reduces the risk of multiple accounts being compromised. Use unique passwords for all your accounts, but especially for:
  - Work device accounts
  - Email accounts
  - M365 accounts
  - Financial accounts
  - Social Media accounts
- Don't Leave Devices Unattended: Always lock your devices when not in use to prevent unauthorized access.
- Don't Overshare on Social Media: Be mindful of the information you share online, as it can be used for social engineering attacks.
If you have any specific questions or need further details, feel free to ask!
Types of email attacks
Spam (also known as junk mail) is unsolicited email. In most cases, spam is a method of advertising. However, spam can also carry harmful links, malware, or deceptive content.
Phishing is a form of fraud. Cybercriminals use email, instant messaging, or other social media to try to gather information such as login credentials by masquerading as a reputable person. Phishing occurs when a malicious party sends a fraudulent email disguised as being from an authorized, trusted source. The message’s intent is to trick the recipient into installing malware on his or her device or into sharing personal or financial information.
How To Protect Yourself from Email Attacks?
- Be cautious when opening emails from unknown sources.
- Look for signs of phishing, such as spelling errors, suspicious links or attachments, and requests for personal information.