Catching phish: How to avoid users getting hooked

Best practices in IT security  

Never accept a call claiming to be from Microsoft, lock computer screens, check with IT before opening dodgy-looking emails, watch out for fake domain names, especially sites that look genuine but have slightly different URLs, be aware that hackers could target Google and Facebook-based authentication