Security Awareness Training PDF - Cheat Sheet

This is a great security awareness cheat sheet to share with your employees. You can also download a PDF version of this security awareness training cheat sheet.

The Basics

  • Cybercrime is big business and runs like one, with scam ads to advertise fake services and employees working to 'convert' you from a 'lead' to a 'paying customer' (aka victim).
  • Many scams and hacks can be avoided as we become more aware and critical when interacting online.
  • Not all hacks are targeted - many are "spray and pray" attempts looking for the unaware to fall for their bait.
  • Question more, trust less!

9 Tips for Avoiding Phishing & Ransomware

  • Does a message make you feel excited? Nervous? Pressured? STOP! Pause and think before you click a link or download a file.
  • To verify you are messaging the right person, give them a quick call.
  • Manually type in a domain URL for a trusted website instead of clicking on an email link to avoid phishing links.
  • Staying on the lookout for phishing attacks can help prevent ransomware being installed on a device.
  • Don't automatically trust messages from co-workers, service providers or even family just because you recognize the sender name.
  • Friends and family accounts may be hacked and used to send malicious links or files to their contact list.
  • Keep computers and smart devices updated regularly to have the latest security patches!
  • Enable two-factor authentication (2FA) for emails, social media and other apps.
  • If two-factor authentication is not turned on and your account gets hacked, the criminal can enable 2FA themselves, making it harder to get the account back.
  • Checking for spelling mistakes is not enough to prevent phishing. Call the sender on a trusted number to verify the email came from them.

Password Security & Multi-Factor Authentication - Made Easy

  • Don't use any personal information like your birthday when creating passwords. Also avoid phrases from songs, popular movies, or any commonly used expressions.
  • Using the same password for different accounts puts all of them at risk if the password is leaked.
  • A password alone is not enough to secure your online accounts.
  • Multi-factor authentication (MFA) can protect your account even if your password has been hacked, as criminals do not have the second code generated by your authenticator app.
  • MFA is off by default. Turn it on under Settings -> Privacy (or Security).
  • Authenticator apps are more secure than text-based (SMS) options for 2FA.
  • Never share a verification code with anyone.

Policies & Procedures - The Right Way

  • When verifying sensitive requests, don't trust the contact info listed in the email signature.
  • Always verify a change request through the established protocol.
  • Only use listed contact information for phone and email from your company's vendor management system.
  • Check with the IT team on the apps / tools you want to use as they may have a more secure alternative.
  • Don't bypass security for the sake of productivity.

 

We have many more Security Awareness Training Materials like our Security Awareness Training PPT in our Training Hub. 
