1. Verify the sender’s identity
- Never blindly trust an email, call, or message.
- Always check the sender: is it really the correct email address? The right phone number?
If in doubt, contact the organization directly using another method.
2. Never share your passwords
- An official service will never ask for your password by email, message, or phone.
If someone asks for it, it’s a trap.
3. Beware of urgency
Hackers often use phrases like:
- “THIS IS URGENT”
- “YOUR ACCOUNT WILL BE DELETED”
- “YOU MUST PAY NOW”
4. Check links before clicking
Before clicking on a link, hover your cursor over it (or long-press on smartphones) to see where it really leads.
Informing friends and classmates also helps reduce risks.
5. Use two-factor authentication (2FA)
Even if a password is stolen, two-factor authentication often prevents access to the account.
6. Train yourself and raise awareness
Knowing common social engineering techniques makes them easier to detect.