Skip to main content
U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information on the 2024 Campaign is available now.  Click here to find out more.

Cyber Hygiene:  Common Cybersecurity Practices

The Secret Service recommends following these protective measures when using devices connected to the Internet. Following each of these steps will help better to protect yourself from online scams and fraud. 

Account Passwords

  •  Change passwords regularly and use different passwords for each system and account.
  • Utilize multi-factor authentication (MFA) for an added layer of login security, when available.
  • Immediately change factory preset passwords on devices, to include Wi-Fi routers and smart devices.
  • Use a secure password management app to store your passwords.
  • Use answers only you know, for security questions.

Software and Apps

  • Install operating system updates as soon as they are available for all devices.
  • Install antivirus software and update antivirus definitions as soon as they are available.
  • Install only trusted apps and update them regularly.
  • Utilize enhanced social media privacy settings.

Online Activity and Transactions

  • Update browsers as soon as they are available on all devices.
  • Use reputable and legitimate websites.
  • Be mindful of posting personal information on social media.
  • Ensure websites are encrypted. Look for “https” and a lock icon in the web address bar.
  • Do not ignore certificate error notifications.
  • Always verify website addresses by manually typing them.
  • Use WPA2 or WPA3 security for wireless networks.
  • Do not broadcast your wireless name – Service Set Identifier (SSID).

Social Engineering: Phishing and Smishing

  • Never respond to an email or text message from an unknown source.
  • Never click on a link or open an attachment from an unknown source.
  • Never respond “Stop” or “No” to prevent future text messages. Delete the text instead.
  • Never share your financial or personally identifiable information (PII).
  • Always read the entire email and look out for suspicious indicators, such as poor grammar or email addresses disguised to appear legitimate.
  • Always independently verify where a request for sensitive information originates.
  • Always independently type a website address instead of clicking on a link.
  • Always mark an email from unknown source as spam.

Mobile and Smart Devices

  • Change passwords regularly and use different passwords for each system and account.
  • Enable screen lock and device encryption.
  • Use biometric authentication.
  • Turn off geolocation features when not in use.
  • Disable Wi-Fi and Bluetooth when not in use.
  • Disable AirDrop on Apple devices.
  • Configure devices to automatically update or update them as soon as available.
  • Enable the “Find My Device” or equivalent feature.
  • Consider whether constant Internet connectivity is necessary for smart devices.

Connectivity While Traveling

  • Change passwords regularly and use different passwords for each system and account.
  • Avoid connecting to public Wi-Fi. If using public Wi-Fi do not transmit any sensitive information or PII.
  • Avoid public charging stations when possible.
  • Use a commercially available Virtual Private Network (VPN) service for your devices.
  • Do not connect devices to rental vehicles (Bluetooth, Wi-Fi, or USB.
  • Use datablocker plugs to charge your devices when necessary.

If you suspect you are a victim of fraud or an online scam, contact your local Secret Service field office.