If you receive an email that contains threats against you or your organization, do not respond. Threatening emails are often meant to provoke fear or manipulate you into taking action. Engaging with the sender can escalate the situation or confirm that your contact information is active. This can make you a continued target. Instead, report the message to the Data Security team immediately. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support. 

Even in today’s digital world, your personal information can still be stolen the old-fashioned way — from the trash. Before throwing away documents like bank statements, bills, or anything with personal or financial details, make sure to shred them. It’s a simple step that helps protect you from identity theft and keeps your private information secure.

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support

Planning a beach vacation this summer? Be cautious of unbelievably cheap beachfront rentals or “too good to be true” travel deals, as scammers often prey on travelers looking for great deals. Always book through trusted platforms, verify the property with reviews, and check the website URL carefully to ensure it’s legitimate. Taking these simple steps can help you avoid scams and make sure your summer getaway is smooth and stress-free!

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support

Phishing isn’t limited to email—SMS phishing, also called smishing, is becoming more common. These scams often arrive as unexpected text messages. They may include links that lead to fake websites or attempt to steal personal information. Avoid clicking on any suspicious links. Always verify the sender before responding, even if the message appears to come from a trusted company or coworker. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support. 

Microsoft is warning about a series of phishing attacks using fake tax-related emails to spread malware and steal user credentials. These scams often include PDF attachments with shortened links or QR codes, which lead to fake websites that look like trusted services (e.g., DocuSign or Microsoft 365).

Some of these attacks use a platform called RaccoonO365, which helps cybercriminals create phishing websites. Once users click the links, they might be tricked into downloading malware like Latrodectus, Remcos RAT, GuLoader, AHKBot, and BRc4—tools that give attackers remote access or steal information.

Cybercriminals use tricks like QR codes, URL shorteners, and fake login pages to hide harmful links. They also abuse trusted platforms like Dropbox and Adobe to bypass security. Some emails pretend to be from services like Spotify or send fake alerts to steal login or payment info.

To stay safe, Microsoft recommends using phishing-resistant login methods, enabling...

Always think twice before downloading any files. Just because something looks harmless doesn’t mean it is. Cybercriminals often hide malicious software in seemingly innocent files. Be especially cautious with downloads from unknown or untrusted sources. When in doubt, it’s better to skip the download than risk compromising your device. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support. 

In today’s digital world, adopt a zero-trust mindset. Treat every user and device as a potential threat and always verify access before sharing sensitive info. Use secure logins, MFA, and trusted tools.

Tips for Implementing Zero-Trust:

• Verify Access: Use MFA and secure logins (passwords + biometrics).
• Monitor Devices: Validate new devices and check for suspicious activity.
• Use Secure Tools: Use encrypted, trusted communication platforms.
• Limit Exposure: Share only necessary info and restrict data by role.
• Stay Updated: Regularly update systems and review permissions.

Zero-trust means...

Avoid clicking on links shared on social media, especially from people you don’t know personally. Cybercriminals often use these links to direct you to phishing sites or distribute malicious software. Always verify the sender before clicking and consider visiting trusted websites directly. Staying vigilant about the sources you interact with online is key to protecting your security. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support.

When sharing sensitive information or credentials, always use secure and trusted methods. Avoid sending passwords, credit card details, or personal data through unencrypted channels like regular email or text messages, as these can be intercepted by hackers. If you must share information, use encrypted communication tools or secure websites that protect your data. Also, always verify the identity of anyone requesting your credentials to ensure you're sharing them with a legitimate source.

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support

Always use trusted platforms when sharing files to ensure your information stays safe. Before sending, double-check the recipients to make sure you're sharing with the right individuals. This simple step helps prevent unauthorized access to sensitive data. By verifying both the platform and the recipients, you reduce the risk of a security breach. These precautions are essential for keeping your data secure and protected. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support.