My Zen IT Newsletter – #13

🚨 Hover Before You Click – Before clicking any link, hover your mouse over it. The actual URL will appear in the bottom-left corner of your screen (or as a preview in Outlook). If the address looks unfamiliar, misspelled, or doesn’t match the official website, don’t click it.

🚨 Check for Misspellings – Cybercriminals create fake sites that look nearly identical to real ones but may have small typos or extra characters (e.g., “micros0ft.com” instead of “microsoft.com”).

🚨 Look for HTTPS – Secure websites should start with “https://”, not just “http://”. However, some fake websites may still use HTTPS, so this alone isn’t enough to verify a site.

🚨 Be Cautious with Shortened Links – Links from services like Bit.ly or TinyURL can hide the actual destination. If you receive one in an email or message, be extra cautious, especially if the sender is unknown.

🚨 Unexpected Attachments & Links in Emails – Even if the email appears to come from someone you know, cybercriminals often spoof email addresses. If an email is urgent, unexpected, or asks you to log in somewhere, double-check with the sender before clicking.

⚠ Close the Page Immediately – If the page asks for login credentials, personal details, or downloads something, exit right away.

⚠ Do Not Enter Any Information – If you accidentally land on a suspicious login page (like a fake Outlook or bank login), do not enter your username or password.

⚠ Report the Email or Link – In Outlook, you can report phishing emails by clicking “Report Phishing” in the message options.

⚠ Change Your Password If Necessary – If you think you may have entered credentials on a fake site, immediately change your password and enable two-factor authentication (2FA) if you haven’t already.

⚠ Let your team know – if you are concerned about any security risk, it will always be best practice to report to your working manager.