Cybersecurity isn’t just a matter for the IT department or antivirus software. Every click, every password, every file sent can be a gateway. And sometimes it’s our most innocuous habits that expose us. Did you know that 95% of cybersecurity breaches are caused by human error? (Source: IBM Cyber Security Intelligence Index Report) Here are five common cybersecurity mistakes that even the brightest employees make without realizing it. Do you recognize yourself? Don’t panic. We’ll also explain how to fix the problem without needing a degree in computer security.
Reusing the same password everywhere
It’s convenient, we know. But it’s also every hacker’s dream. If your LinkedIn password is leaked in a compromised database, and you use the same password for your email or billing software, you’ve just handed them a digital master key.
What to do:
- Use a password manager to create and remember unique passwords.
- And above all, opt for passphrases: a series of simple, long, easy-to-remember words, such as “thebluehillsingsloud.” This is much more secure than a short password filled with symbols.
Clicking too quickly on a “normal” email… or on its links
A message with a professional tone, the Microsoft logo, a link to an “urgent update”… It may seem legitimate. But it’s the links it contains that pose the real danger. One wrong click and you could be redirected to a fraudulent page or trigger a malicious download.
What to do:
- Take five seconds to look at the sender’s address and, above all, hover over the link before clicking.
- If you have any doubts, don’t click. Send a screenshot of the email to your IT team or delete it.
Opening a document… without checking its file extension
Today, file extensions such as .doc, .xls, and .ppt are often hidden by default in operating systems. As a result, you may not realize that you are opening a Word or Excel file, even though these are formats frequently used to hide malware or malicious macros.
And it’s not always clicking that triggers the problem. In some cases, simply opening the file is enough to automatically activate embedded links or infected content.
What to do:
- Only open attachments from trusted sources.
- Ask your IT team to enable the display of full file extensions on your workstations.
- Be particularly wary of Word (.doc/.docx), Excel (.xls/.xlsx), and PowerPoint (.ppt/.pptx) files, especially if you are asked to “enable content” or follow an embedded link.
Lending your computer to a colleague
“Just two minutes, I need to go to the bathroom.” And before you know it, your colleague, with no malicious intent, clicks where they shouldn’t or deletes an important file.
What to do:
- Lock your session whenever you leave your workstation (Windows+L is quick).
- Everyone has their own access and their own responsibility.
Using free tools without checking their security
In the heat of the moment, we download a file converter or use a free platform to send a document or collaborate quickly. However, these tools do not always guarantee the confidentiality of the information you store on them. Some store your files, analyze them, or share them for commercial purposes. Others, if poorly configured, leave your data accessible to third parties without your knowledge.
What to do:
- Choose tools that have been approved by your IT team or managed service provider.
- Avoid storing or transferring sensitive documents (customer information, contracts, access details) on unverified free platforms. Even if it’s convenient, the confidentiality of your data should never be compromised.
Mon Technicien, your cybersecurity ally
At Mon Technicien, we don’t blame you for your mistakes—we train you to avoid them. Our cybersecurity services are designed for local SMEs: human, clear, and tailored to your reality. From daily support to comprehensive IT security management, we’re always one click ahead of hackers.
Thought of the day
“Better safe than sorry.”
– IT proverb inspired by a suspicious email