- Participate in security awareness training to provide a strong line of defense and identify red flags in potentially malicious communications.
- Use strong, unique passwords and enable multi-factor authentication (MFA) where available, choosing authentication apps or hardware tokens over SMS text-based codes.
- Keep systems up to date and apply patches after appropriate testing.
- Install endpoint security solutions to help protect against malware.
- Utilize monitoring and detection solutions to identify suspicious login attempts and user behavior.
- Implement email filtering solutions, such as spam filters, to help block messages. The New Jersey Email Authorization & Authentication Set Up PDF and the Sender Policy Framework - SPF Guide NJCCIC products provide information on establishing DMARC authentication.
- Ransomware mitigation techniques and recommendations are available in the Ransomware: The Current Threat Landscape and the Ransomware: Risk Mitigation Strategies NJCCIC products. Phishing emails and other malicious cyber activity can be reported to the FBI's IC3 and the NJCCIC.
