Don’t save passwords to your browser
Saving passwords in your browser is a security risk.
New forms of AI-driven malware can scrap passwords stored in web browsers. Fraudsters can then invisibly attempt to access your laptop and network.
Fraudsters are spoofing websites, and you may inadvertently be saving a password to a malicious site. Armed with this info, fraudsters can get into your network and lock up your systems, making it impossible for your department to operate. Restoration and mitigation of systems and files can take weeks, a disruption that would be stressful for you, other staff, and the public that you serve.
The following action steps are simple but strong controls to keep your work systems and data safe:
Action Steps
- Resist the urge, even when prompted, to save passwords in your work browsers
- Use VPN when searching websites
- Verify that you are on a legitimate and not a spoofed site
Recommended tips are simple controls that departments can integrate into daily operations and can be included as part of the annual Internal Controls Certification (ICC) preparation to demonstrate due diligence.
See our CTR Cyber page for more cybersecurity internal controls. Contact [email protected] with any incidents or suspected incidents of fraud or cyber threats or if you need support from our Statewide Risk Management Team.