The agency also recommends verifying suspicious files by contacting the sender through a phone call or separate message before opening them. Users should avoid opening files with extensions such as .vbs, .vbe, .exe, .bat, .cmd, .js, and .ps1, as these file types can execute commands and potentially install malware.