via wordfence.com => original post link
October is National Cyber Security Awareness Month in the U.S., and this year’s theme is “See Yourself in Cyber.” What is really being said by this theme is that we all have a role to play in cyber security, whether we work in the industry or not. With this in mind, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) have identified four key areas where we can all take action to protect our presence online, and work to keep others safe. These same concepts can be used to help secure WordPress sites as well.
Think Before You Click
The idea behind this concept is that you should always be on the lookout for phishing attempts. This is true in general, but also applies specifically to anyone who is an administrator of a WordPress site. Anyone who is in this role is likely very familiar with receiving emails from their website that advise of available updates, or comments that need to be moderated, and plenty of plugins have their own reasons for sending emails to administrators as well. As most administrators don’t log into the admin panel daily, these emails are often a critical part of the site management workflow.