Avoid using unauthorized applications, websites, cloud services, or AI tools for work-related tasks, as these may bypass company security protections and expose sensitive information to unnecessary risks. Even trusted or popular tools can create hidden security gaps if they have not been reviewed and approved by the organization. Always use company-approved tools and consult IT or security team before adopting new tools or services.

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request

A single harmful notification from apps like WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could trick Google’s Gemini voice assistant on Android into following fake instructions. This could lead it to send false messages, open apps, join video calls like Zoom, control smart home devices, or even save wrong information in its memory. The attack does not need any malicious app installed—only Gemini’s ability to read notifications and treat them as trusted input. Security researcher Or Yair from SafeBreach found this issue after earlier similar attacks using fake calendar invites, and later discovered a way to bypass Google’s added protections. Google has since fixed the problem, and there is no evidence it was used in real-world attacks.

Yair’s method, called “Fake Context Alignment,” tricks both the system and the user by hiding real permission prompts in confusing ways, such as using another language or placing instructions inside links that are not read aloud....

Always install updates for your devices as soon as they become available. These updates often include critical security fixes that help protect against emerging threats. Running outdated software can increase the risk of cyberattacks and unauthorized access. Keeping your devices up to date is one of the easiest ways to improve your overall cybersecurity. 

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request. 

Hackers exploit trust, fear, urgency, curiosity, and authority to trick people into sharing sensitive information. Social engineering attacks rely on psychology more than technology.

Key Tactics:
• Trust – Impersonating coworkers, leaders, or trusted brands.
• Fear & Urgency – Pressuring quick decisions.
• Curiosity – Using enticing messages or attachments.
• Obligation – Taking advantage of people's willingness to help.
• Authority & Social Proof – Using fake credibility or peer pressure.

"Awareness Beats Manipulation"

Do you have a question? Submit a ticket at...

Always be cautious when clicking links, even if they appear to come from a trusted coworker, friend, or organization, as legitimate accounts can be compromised and used to distribute malicious content. Before clicking, verify that the message is expected and inspect the link destination to ensure it leads to a legitimate website. When in doubt, confirm the request through a separate trusted communication channel or access the website directly through its official address.

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request

If something feels suspicious, don't ignore it—report it immediately. Prompt reporting can help prevent security incidents and protect both the company and your colleagues from potential threats. Be vigilant for unusual requests, unexpected messages, or activities that appear out of the ordinary. When in doubt, follow the company's reporting procedures and notify the Data Security Team. 

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request. 

AI can help you work faster and easier by answering questions, assisting with daily tasks, and improving productivity, but it should always be used responsibly. Avoid entering any sensitive, confidential, or personal information into AI tools, since shared data may be processed or potentially exposed through misuse or security risks. Always treat AI as guidance only, verify important information before acting on it, and stay alert to possible AI-driven scams and impersonation attempts.

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request.

Always keep your employee ID and access credentials private and secure. Avoid sharing passwords or allowing others to use your account. Store your ID safely and log out of systems when not in use. Immediately report lost credentials or unusual account activity to maintain workplace security. 

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request. 

Cybersecurity is everyone’s responsibility—not just IT’s. Simple daily habits like strong passwords, safe browsing, and avoiding suspicious links help protect sensitive information. Awareness and training reduce risks, build trust, and create a safer workplace culture.

Key Reminders:

• Security is a shared responsibility
• Everyday actions prevent cyber threats
• Awareness helps spot scams and phishing
• A strong security culture builds safer habits
• Protecting data protects people and reputation

“People Are the First Firewall.”

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request.

Pay attention to unusual account activity or unexpected login alerts. These warnings may indicate that someone is trying to access your account without permission. Checking your account activity regularly can help you detect suspicious behavior early. If you notice anything unusual, update your password immediately and enable two-factor authentication for better protection. 

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request.