- Refrain from responding to unsolicited communications, clicking links, or opening attachments from unknown senders.
- Exercise caution with communications from known senders.
- Confirm requests from senders via contact information obtained from verified and official sources.
- Navigate to official websites by manually typing official website URLs into browsers, and only submit account credentials and sensitive information on official websites.
- Use strong, unique passwords for all accounts and enable MFA where available, choosing authentication apps or hardware tokens over SMS text-based codes.
- Keep systems up to date and apply patches after appropriate testing.
- Run updated and reputable anti-virus or anti-malware programs.
- Report malicious cyber activity to the NJCCIC and the FBI’s IC3.
