It has been observed that number of Cyber-attacks are increasing day by day.
Generally,
these cyber-attacks happen as the users are not fully aware of ways through which Cyber-attacks
happen. Due to this, users share OTP/passwords or click on unwanted/phishing links and became
victim of the cyber-attack. As a result, the personal information/banking information got lost and
also the user may have to face financial losses.
2. To make secure/safe internet usage and to avoid Cyber-attacks, users must keep following
list of ‘DO’able and Non-‘DO’able actions in mind:
DO’s DON’Ts
1. Phishing 1. Phishing
a) Verify the Sender Always check the a) Don’t Click on Avoid clicking on links
sender's email address. Suspicious in emails from
Phishing emails often Links unknown or untrusted
use addresses that look sources.
b) Check for similar to legitimate b) Don’t Open Do not open
Spelling and ones but with slight Attachments attachments from
Grammar variations. Eg. The URL unknown senders, as
Mistakes link could by they may contain
‘www.hbpn.org.in’ malware
instead of
‘www.hvpn.org.in’
c) Verify with the If you receive an c) Don’t Trust Always have a
Source unexpected email from Urgent doubt/reservation of
a known source, contact Messages emails that create a
the sender directly sense of urgency, such
through a known, as threatening to close
secure method to verify your account if you
its legitimacy. don't act immediately.
d) Report Report any suspicious d) Don’t Assume Phishers can create
Suspicious emails to your IT an Email is very convincing emails
Emails department or the Safe Because It that look legitimate
appropriate authority Looks
within your Professional
organization
2. Password sharing 2. Password sharing
a) Use Strong Create passwords that a) Don’t Use Avoid easily guessable
Passwords are at least 8 characters Common passwords like
long and include a mix Passwords "123456," "password,"
of upper & lower-case or "admin" or
letters, numbers, and sequences like
special characters. "qwerty," "abcd1234,"
b) Enable Multi- Enable multi-factor b) Don’t Reuse Avoid using the same
Factor authentication on your Passwords password for multiple
Authentication accounts for an Across accounts, especially for
additional layer of Multiple Sites sensitive ones like
security. banking or email.
c) Update Change your passwords c) Don’t Share Avoid sharing your
Passwords periodically, especially Your passwords with
Regularly for sensitive accounts. Passwords anyone. If you must
share access, use a
secure method like a
password manager
with shared access
d) Use Unique Ensure that each d) Don’t Use Refrain from using
Passwords for account has a unique Personal easily accessible
Different password to prevent a Information personal information
Accounts breach on one account such as birthdays,
from compromising names, or common
others words in your
passwords.
e) e) Don’t Save Avoid saving
� Passwords in passwords in your web
Browsers browser
3. In addition to the above, cyber security breach can also occur due to H/W related issues and
pirated software’s. To avoid this, please do as under:
A. Use of Wi-Fi routers in offices be avoided. In case of urgency, only trusted devices be
allowed on Wi-Fi router and all other devices be blocked.
B. External storage devices viz. Pen Drives, USB drives be avoided on computer devices. In
case external devices are mandatorily required, the devices be first scanned for
virus/malware etc.
C. The inbuilt anti-virus i.e. Windows Defender on laptops/desktops must be regularly
updated.
D. Official data is to be stored on D or E drives. C drive be used only for installation of
operating system and other required applications.
E. Regular backup of official data be taken.
F. Prompt intimation be given to ITMS regarding virus/ransomware attacks.
