Always lock your device whenever you step away from it, even if it is only for a short time. Leaving your phone, tablet, or computer unlocked allows other people to easily access your personal information, messages, or accounts. You should also enable automatic lock so your device locks itself after a short period of inactivity in case you forget to lock it manually.

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support.

Tech company Meta has removed more than 150,000 accounts linked to online scam operations in Southeast Asia, as part of a joint effort with authorities from several countries including the Philippines, Thailand, United States, United Kingdom, and Singapore.

The company said the operation also led to 21 arrests by the Royal Thai Police. It follows a previous crackdown in December 2025 that removed around 59,000 accounts, pages, and groups connected to scam networks.

Meta warned that many scams today are run by organized groups operating in countries such as Cambodia, Myanmar, and Laos, often targeting people online through fake job offers, messages, or fraudulent ads.

To help users stay safe, the company is introducing new warning alerts on Facebook and WhatsApp when suspicious activity is detected. It is also expanding scam detection tools on Facebook Messenger to flag potentially harmful...

Always stay cautious when using company systems. Be mindful of the information you access and share to prevent unauthorized exposure. Avoid installing unapproved software or accessing suspicious links while on company devices. Practicing safe and responsible use helps protect company data and systems from security risks. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support. 

Security starts with awareness, and even small habits strengthen your protection. Simple actions—like verifying senders and keeping software updated—add up. Staying mindful of risks helps protect both you and your data every day.

Dos:

• Enable two-factor authentication
• Use strong, unique passwords
• Report suspicious activity
• Backup important files
• Monitor account activity

“Mindful habits make cyber threats vanish!”

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support

Protect your SIM card and phone number because many online accounts use them to send verification codes and confirm your identity. If someone gains access to your SIM card or takes control of your phone number, they may be able to receive these codes and attempt to access your personal accounts. To stay safe, avoid sharing your phone number publicly and report immediately to your mobile provider if your phone or SIM card is lost or stolen.

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support

Always return any work-issued device such as laptops, desktops, tablets, or mobile phones to the Tech Department when it is no longer in use. Proper handling ensures company data is securely managed before the device is reused or disposed of. Be sure to include all accessories like chargers, cables, and docking stations. Following this process helps protect sensitive information and maintain device accountability. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support. 

Turn on extra verification for your online accounts whenever it is possible. This adds an extra step when logging in, such as entering a code sent to your phone or email to confirm that it is really you. Even if someone learns your password, they will not be able to access your account without this second confirmation, which helps keep your information safe.

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support

Be careful with links sent through chat apps. Cybercriminals often disguise malicious links as messages from friends, coworkers, or trusted services. Always verify the sender and avoid clicking links that seem unexpected or suspicious. When in doubt, open the official website or app directly instead of using the link. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support. 

Cybersecurity researchers discovered a new phishing tool called Starkiller that can trick people into giving their login details even if multi-factor authentication (MFA) is enabled.

The tool is offered by a cybercrime group called Jinkusu. It allows attackers to create fake login links that look like real websites. Starkiller loads the real website and secretly acts as a middleman, capturing usernames, passwords, and security codes entered by victims.

It can also hide malicious links using services like TinyURL, making phishing messages harder to recognize.

Another phishing kit called 1Phish now targets users of 1Password and can steal one-time passcodes and recovery codes. Researchers also found attacks targeting Microsoft 365 accounts by tricking victims into entering a device code on a real Microsoft login...

Always be cautious of impersonation scams, where attackers pretend to be trusted individuals or organizations to steal sensitive information. Always verify messages or requests that appear to come from trusted sources, especially if they ask for passwords, verification codes, or personal details. If something seems suspicious, contact the person or organization through their official website or app instead of responding directly to the message.

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support