RED ALERTs:
any site asking you to provide your Google Sign or Microsoft login credentials
The only site you should ever use your Google login credentials at is https://accounts.google.com - including any sites that provide the options similar to:
e.g. nytimes.com - will goto https://accounts.google.comThe only site you should ever use your Microsoft login credentials at is https://login.microsoftonline.com
any document with embedded links directing you to new sites - e.g. Docusign link that links to another website. Be careful. Go directly to the site.
Anything that asks you to sidestep the normal process e.g. do me this favor but don’t tell anyone. Stop. Anyone can easily impersonate
Best Practices:
Use MFA with any site where you’ll be storing corporate data For Google its easy to get started with this website: https://www.google.com/
landing/2step/ Use unique passwords and manage them with LastPass or similar
Check with IT about software, do not download unsanctioned programs from the Internet
Unsure? Sent a screenshot or forward the message as an attachmen
Fall for a scam? We’re here to help. Please, let us know right away so we can assist.