The prevalence of phishing scams is at an all-time high. Because you are the key to preventing a cyberattack within your organization, it is important to question the legitimacy of every email you receive. Below is a list of questions to ask yourself about who or where the email came from that may help you realize that you are being phished.
SENDER: Analyze who and where the email came from.
- Do you communicate with this person regularly?
- Do you have any type of relationship with the sender? If not, were they at least vouched for by someone you trust?
- Is this email from outside of your organization or unrelated to your job responsibilities?
- Was the email sent from someone you recognize but the content seems unusual or out of character, such as them making an odd request or a using a style of writing that is not typical of them?
- Is the sender’s email from your company domain? Double check that it is not a visual spoof of your domain, such as “dornain.com” rather than “domain.com”.
- Is the sender’s email from a suspicious external domain? (like micorsoft-support.com rather than microsoft.com)
If you notice anything about the email that alarms you, do not click links, open attachments, or reply. You are the last line of defense to prevent cyber criminals from succeeding and making you or your company susceptible.
Stop Look Think – Don’t be fooled