When using a company-provided device, only download apps or files that are necessary for your work and come from trusted or approved sources. Avoid installing anything from unknown websites, pop-ups, or personal accounts, as these can introduce security risks to both you and your organization. If you are unsure about a download or accidentally install something suspicious, report it to Data Security right away instead of trying to fix it yourself.

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request.

Cybersecurity researchers discovered a large attack involving 108 Google Chrome extensions that were secretly connected to the same control system. These extensions were designed to steal user data and abuse the browser by injecting ads, running hidden scripts, and tracking activity on every website visited. Although they looked like normal tools, games, or browser helpers, they were all controlled by one operator and shared the same backend server.

The extensions came from five different developer names and had around 20,000 installs. They sent stolen data like login details, browsing activity, and account identities to remote servers. Some stole Google and Telegram sessions, others removed website security protections to inject ads or gambling content, and some even ran hidden code or opened websites without permission. Researchers believe this was a coordinated operation, though the attackers are still unknown, with some code containing Russian-language...

Never trust someone just because they can mention personal details about you. Attackers often collect or buy information to sound convincing and legitimate. Always verify their identity through a separate, trusted communication channel. Careful verification helps reduce the risk of social engineering attacks. 

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request. 

Public Wi-Fi is convenient but risky—attackers can intercept data, steal passwords, or spread malware. Avoid sensitive activity and protect your connection.

Safety tips:

• Use a VPN to encrypt your connection
• Avoid logging into banking, email, or other sensitive accounts
• Keep your device and apps updated
• Turn off file/printer sharing and AirDrop
• Only connect to trusted networks and verify the Wi-Fi name

“Secure your connection, secure your data.”

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request.

Always pay close attention to small details in emails, messages, and websites, as scams can now appear highly convincing with the help of AI. Carefully examine sender addresses, links, and any requests—especially those that create urgency or ask for sensitive information, which are common signs of Phishing. If anything seems even slightly unusual, pause and verify the message through a trusted source before clicking or responding.

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request.

Regularly monitor your bank, email, and social media accounts to spot any unusual activity, such as unknown logins, unexpected messages, or transactions you didn’t make. These small warning signs can indicate that someone is trying to access or has already accessed your accounts without permission. Detecting issues early allows you to act quickly—secure your accounts, prevent further damage, and protect your personal information.

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request

Be wary of messages pretending to be from government agencies, as scammers can make them look very convincing. Some scams are run by organized groups that use sophisticated methods to trick victims into giving up access to their accounts. Never click on suspicious links or provide personal information through messages, calls, or emails. Always verify requests by going directly to the official website or using verified communication channels. 

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request. 

Always be cautious when clicking links in emails, even if they appear to come from trusted sources, because attackers can disguise malicious URLs to steal your information or install harmful software. Before clicking, take a moment to inspect the link by hovering over it or verifying the sender, and when in doubt, go directly to the official website instead of using the email link. A few seconds of checking can prevent serious risks like account compromise, identity theft, or malicious software infections.

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request

Two-Factor (2FA) and Multi-Factor Authentication (MFA) add extra security beyond passwords by requiring a second step—like a text code, app, or fingerprint—making it harder for attackers to access your accounts.

Tips:

1. Enable 2FA/MFA on key accounts (email, cloud, work).
2. Never share verification codes.
3. Review and remove old trusted devices.
4. Keep backup codes secure.

“Double the locks, double the safety!”

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request.

Small mistakes—like clicking phishing links or using weak passwords—can put company and personal data at risk. Stay alert, follow best practices, and report anything suspicious. Cybersecurity is everyone’s responsibility.

Quick Tips:

1. Verify senders before clicking links or attachments
2. Use strong, unique passwords + 2FA
3. Keep devices and software updated
4. Avoid unsecured Wi-Fi for work
5. Report suspicious activity to IT/security

"Your actions protect the company"

Do you have a question? Submit a ticket at [PB-8324] Tech QuickSupport Request.