An advisory on passwords

Several cases have been reported by IISc users who have received blackmail emails sent by unethical hackers demanding money in the form of bitcoins. These are a part of organized cyber scams perpetrated by these hackers. More such emails can be expected to be received in the coming days and weeks. There is absolutely nothing to be worried about these, but here is a list of do’s and don’t’ s when you receive such emails:

1. Do not reply to the emails; just ignore them.
2. Do not pay up any money or bitcoins
3. The emails usually start with your user ID and a password that you were using several years back. Please check out https://haveibeenpwned.co m/ to find out if the passwords you are using for various IDs have been breached.
4. Please change all your passwords if you get these emails; in any case, once every few months, change your passwords to long, extremely strong ones. This is a best practice.
5. Do not open attachments in emails received from people that you don’t know
6. It will help if you send an email to junk@office365.microsoft.com and phish@office365.microsoft.com by dragging and dropping It the received rogue email. It will help the mail system to build up rules that will automatically exterminate these emails.
7. It is a best practice not to forward your emails to open cloud email platforms such as Gmail.