Cyber Awareness Tips


1. Do not open attachments or click on links unless the email is digitally signed, or you can directly verify the source, even if it appears to be from someone you know.
2. Verify web addresses asking for PII ( i.e. social security number end with a ".mil" or ".gov" extension)

Safeguarding Classified Information

1. If you operate in a secure facility (locked door SIPR area) ensure that IDs are checked and logs are filled out properly on the appropriate SF forms.
2. You can't verify yourself. The person being signed in should never be the one to put their information into the sign in log. Any questions? Contact YOUR unit IAO today.
3. Encrypt sensitive but unclassified and/or mission critical information. Ask your computer security administrator, or CSA, for more information.
4. Not sure if your document needs to be classified? Reference the security classification guide. Contact YOUR unit IAO today.
5. Be aware of tailgating or piggybacking attempts. If someone is waiting to access your facility let them be escorted by the person they have coordinated with or ensure that they are transferred into the care of that individual upon entering the facility.


1. All emails should be signed to ensure non-repudiation. Contact YOUR unit IAO today.
2. Check both sides of the CAC card, run your thumb over the photo to ensure that the card hasn't been altered or tampered with. Any questions? Contact YOUR unit IAO today.
3. We often tend to trust digitally-signed certificates without a second thought believing the digital signature or certificate authority they came from to be legitimate. Before clicking 'accept this certificate' ensure that it is from a trusted DOD CA.

Social Engineering

1. If you receive a suspicious email asking (Phishing) for PII don't delete or forward the email; contact the CFP @ 225-2666 immediately.

General Information

1. Do not connect any hardware or download any software, applications, music or information onto Air Force networks without approval. Any questions? Contact YOUR unit IAO today.
2. Our adversaries' plant malicious code, worms, BOT nets and hooks in common Web sites, software and in hardware such as thumb drives, printers, etc. Any questions? Contact YOUR unit IAO today.
3. Don't allow other users to utilize your login information, have users log in with their own accounts to access the network.
4. Maintain an unique password for all your systems. You shouldn't write them down or share them with anyone. Any questions? Contact YOUR unit IAO today.
5. Contact YOUR Unit IAO for a monthly cyber threat briefing today.
6. Log off at the end of each day. Staying logged into computers can prevent them from receiving important patches and updates that keep your computers working properly.
7. Having NIPR Net related issues? Call the Enterprise Service desk @ 225-2666 option 1 today.

Social Networking

1. Search engine poisoning ranks as the leading malware delivery vector for 2011. Recently the top search result for the AF Portal using Google search points to Do not use a commercial search engine to find the web address if possible.