Clicking links in suspicious emails. That is the largest contributor to cyber crime and virus issues. All of the recent companies that have had their data held hostage were caused by someone inside the network getting a phishing or more sinister email and clicking the link provided. Our IT department actually sends out fake phishing emails multiple times a month to test the users. Click 3 of them and you could be fired, but discipline of some sort is happening. 1st time is training, 2nd time is face to face with IT security and your boss, 3rd time up to and including firing type of discipline. That is how important it is. We can go look at a scoreboard to see how we are doing. We have had people provide their login credentials to one of these fake phishing emails. That is all it takes for a bad actor to get inside your network and do some damage.

All that to say, don't click the links unless you were expecting it and even then, I usually go to the company web site and login their as usual.

I also change passwords all over the place all the time and use the really hard ones: jIOt*7&$59(pDR for example. I have to keep track of them but they are hard to break.

My wife asked if I had seen the dog bowl. I told her I didn't even know he could.