- Enable MFA on school accounts.
- Use a password manager and unique passwords.
- Verify sender domains before clicking links.
- Be wary of urgent or threatening language.
- Prefer PDF over executable attachments; when in doubt, ask IT.
- Keep devices patched and auto-update on.
- Report suspicious emails; don’t forward them.