Practical advice on cybersecurity, AI, and technology — written for NZ homes and small businesses.
ClickFix scams mimic CAPTCHAs to trick you into running malicious commands to install malware. Stay safe by never pasting unknown code.
Device code phishing can use real Microsoft login flows to trick users into granting access, bypassing MFA and stealing tokens without passwords.
Outlook's Delay Delivery holds emails in your Outbox before sending to give you time to catch mistakes or stop something you'll regret sending.
Personal web habits can unintentionally expose business data. Reducing this risk involves making safer behaviour the path of least resistance.
Fake recruiters and fraudulent job postings are increasingly common. Stay informed and cautious to weed out real opportunities from fake ones.
Unvetted browser extensions can be a problem. Our simple five-minute security check can prevent most extension problems before they start.
Cloud storage is no longer a guaranteed backup. Proper backup systems should be separate, secure and protected if cloud credentials are attacked.
Session cookie hijacking steals the trust granted after MFA succeeds and allows attackers to walk past defences you assumed were impenetrable.
While there is no foolproof way to spot a romance scam, our checklist of warning signs to look out for can help protect you from getting scammed.
Shadow AI is the unsanctioned use of AI tools without IT approval. "Helpful" AI shortcuts can expose sensitive data and put your company at risk.
Text messages are one of the weakest ways to secure accounts with two‑factor authentication. An Authenticator App is a much stronger alternative.
Securing your work device at home is non-negotiable. Use our remote work security checklist to keep remote work productive and safe.