We can’t go too long without talking about the importance of recognizing and reporting phishing. While many users are familiar with phishing it’s easy to be in a rush and miss some of the warning signs. That’s why it’s important to remind employees often what to look for so it becomes second nature! Of course, it’s also critical that employees know how to report phishing or suspicious emails!

Here are some of the steps CISA highlights in their guidance on phishing:

  1. Recognize
    1. Urgent or emotionally appealing language, especially messages that claim dire consequences for not responding immediately
    2. Requests to send personal and financial information
    3. Untrusted shortened URLs
    4. Incorrect email addresses or links, like amazan.com
    5. A common sign used to be poor grammar or misspellings although in the era of artificial intelligence (AI) some emails will now have perfect grammar and spellings, so look out for the other signs.
  2. Resist
    1. Do not click on links or open attachments you’re not expecting
    2. Report the email using the “report spam” button or other options to report that may be near the person’s email address.
  3. Delete
    1. Delete the email. DO NOT reply, click on anything in the email or “unsubscribe.”