SANS Tip Of The Day

Subscribe to SANS Tip Of The Day feed
The most recent SANS Institute Security Awareness Tips
Updated: 54 min 43 sec ago

Mobile Apps

16 hours 45 min ago
Only install mobile apps from trusted places, and always double-check the privacy settings to ensure you are not giving away too much information.

Forwarding Emails

October 26, 2016 - 1:00am
When you forward an email to others or copy new people to an email thread, review all the content in the entire email and make sure the information contained in it is suitable for everyone. It is very easy to forward emails to others, not realizing there is highly sensitive information in the bottom of the email that people should not have access to.


October 25, 2016 - 1:00am
Ransomware is a special type of malware. Once it infected your computer, it encrypts all of your files and demands you pay a ransome if you want your files back. Be suspicious of any emails trying to trick you into opening infected attachments or click on malicious links, common sense is your best defense. In addition. backups are often the only way you can recover from ransomware.

Shopping Online

October 24, 2016 - 1:00am
When shopping online, always use your credit cards instead of a debit card. If any fraud happens, it is far easier to recover your money from a credit card transaction. Gift cards and one-time-use credit card numbers are even more secure.

Unique Passwords

October 20, 2016 - 1:00am
Make sure each of your accounts has a separate, unique password. Can't remember all of your passwords/passphrases? Consider using a password manager to securely store all of them for you.


October 19, 2016 - 1:00am
Turn off Bluetooth if you are not using it on your computer or device. Not only does this make it more secure, but it also saves battery life.

Social Media Privacy Settings

October 18, 2016 - 1:00am
Privacy settings on social networks have limited value. They are confusing to configure and change often. Ultimately, if you do not want your parents or boss reading it, do not post it.

Don't Trust Links Sent in Email Messages

October 12, 2016 - 1:00am
A common method cyber criminals use to hack into people's computers is to send them emails with malicious links. People are tricked into opening these links because they appear to come from someone or something they know and trust. If you click on a link, you may be taken to a site that attempts to harvest your information or tries to hack into your computer. Only click on links that you were expecting. Not sure about an email? Call the person to confirm they sent it.

Trust Your Instincts

October 11, 2016 - 1:00am
Ultimately, common sense is your best protection. If an email, phone call or online message seems odd, suspicious or too good to be true, it may be an attack.

If You Are a Victim of Identity Theft

October 7, 2016 - 1:00am
Report any identity theft immediately by following these steps:Contact the three major credit bureaus and have them place a fraud alert on your credit report.If a credit card was involved, contact the credit card company and have a new credit card with a new number issued.Contact your local law enforcement agency and file a report.File a complaint with the Federal Trade Commission.Document all conversations so you know whom you spoke to and when.

Reporting an Incident

October 6, 2016 - 1:00am
Eventually, we all get hacked. The bad guys are very persistent and we can all make a mistake. If a phone call from the "Help Desk" doesn't sound quite right, if an email seems suspicious or if a program you installed starts acting funny, ask for help! Your security team is there to help you. The sooner you report an incident, the sooner we can help resolve the problem.

Kids and Screenshots

October 4, 2016 - 1:00am
If you have kids with mobile devices, create a central home charging station in a place like your bedroom. Before the kids go to bed at night, have them put their mobile devices there so they are not tempted to play with them when they should be sleeping.

Two-Step Verification

October 3, 2016 - 1:00am
Two-step verification is one of the best steps you can take to secure any account. Two-step verification is when you require both a password and code sent to or generated by your mobile device. Examples of services that support two-step verification include Gmail, Dropbox and Twitter.

Email and Emotions

September 30, 2016 - 1:00am
Never send an email when you are angry; you will most likely regret it later. Instead, when you are emotional and want to reply to someone, open up an email and write everything you feel, but do not send it. (Be sure there is no name in the TO field so that you do not accidently send it.) After you have vented, save the email and come back an hour later. You only want to reply to any type of emotional situation after you have had time to cool down.