Best practises in safely transferring data and what to do after a data breach

image of data and files being transferred between two computers

08 Oct 2024

In today's digital age, the transfer of data—whether it's personal, professional, or sensitive—plays a critical role in our daily operations. However, every instance of sharing or receiving data also presents an opportunity for cybercriminals to exploit vulnerabilities. From entering passwords on websites to downloading files, malicious actors are constantly devising new tactics to compromise your security.

It’s crucial to remain vigilant and adopt best practices to safeguard your information against these evolving threats. Below are key strategies to help you ensure the security of your data and Trinity's data in order to prevent potential breaches.

Entering Passwords

Always ensure that the website you are entering your password into is legitimate. Cybercriminals often create fake sites that mimic legitimate ones to steal credentials.

Double-check the URL and look for secure indicators such as 'https' and a padlock icon in the address bar.
Sending Authentication Codes

If you’re asked to send an authentication code outside of a legitimate authentication portal (e.g., receiving requests through WhatsApp, even from known contacts), be cautious.This is often a red flag for phishing or scam attempts.

Treat any unexpected requests for authentication codes as suspicious and confirm with the requester through a trusted method before proceeding.
Disclosing Business Information

If you're asked to transfer sensitive Trinity data and information (e.g., student records, payroll details, or project information), you should always verify the legitimacy of the request.

Be especially cautious if the request comes unexpectedly. Verify the source via official communication channels before taking action to avoid falling victim to social engineering attacks.
Disclosing Sensitive Personal Information

You should be cautious when asked to transfer private personal information. Whether it’s your PPSN, financial details, or other personal data, it’s essential to confirm that the request is legitimate before sharing.

Scammers often pose as trusted parties to collect this type of data.
Downloading Files

One of the most common ways to fall victim to malware is by downloading files from unknown or untrusted sources. Downloading malware can lead to obtrusive pop-ups, personal data being stolen, malicious actors taking control of your accounts, and your device being completely disabled by ransomware.

When downloading files, always make sure the sender or website is legitimate

By following these simple guidelines, you can significantly reduce the risk of data breaches and cyber attacks. Stay alert and always verify before you act.

Take action after a breach notification

If you receive an update that your credentials may have been compromised, you should take the following actions:

Confirm that the notification is legitimate - Check the sender address and/or link address to make sure you have received a legitimate breach notification, and not a phishing email.
Update your passwords - Update the passwords on any compromised site! Whenever credentials are leaked, there is a high likelihood that they have been published and/or sold on the dark web. Malicious actors use these credentials to try compromising additional accounts.
Add an authentication method - The best way to protect yourself from a credential breach is to include additional authentication methods to your logins. If given the option, then ensure you have additional authentication methods on all of your logins - these can exist in the form of email / text / phone call.

When in doubt, report it! If you're ever unsure about the legitimacy of any communication source, then don't hesitate to contact IT Services for advice and support.

Are you following the Cyber Crime Watch Hub?

Stay informed throughout Global Cyber Security Awareness Month by following the Cyber Crime Watch Hub.

Cyber Crime Watch Hub