Cyber Awareness
Staying Safe from Phishing Emails: Why It Matters
Phishing emails are one of the most common and dangerous forms of cyberattack. They are designed to trick you into revealing sensitive information—like passwords, financial details, or company data—or to get you to click on malicious links or attachments.
These attacks can lead to:
- Data breaches
- Financial loss
- Identity theft
- Compromised systems
- Reputational damage
Cybercriminals are becoming increasingly sophisticated, often impersonating trusted contacts or well-known organizations. That’s why every employee plays a vital role in keeping our systems and data secure.
How to Spot a Phishing Email: Red Flags & Clues
- Suspicious Sender Address
  - Look for misspellings or unusual domains (e.g., @micr0soft-support.com).
- Generic Greetings
  - “Dear Customer” instead of your name is a common sign.
- Urgent or Threatening Language
  - Phrases like “Act now!” or “Your account will be locked” are designed to scare you.
- Unexpected Attachments or Links
  - Hover over links to check the real destination. Don’t open attachments you weren’t expecting.
- Spelling and Grammar Mistakes
  - Poor language is a common giveaway. However, such mistakes are becoming less common as cybercriminals use AI to write their messages.
- Requests for Sensitive Information
  - No legitimate company will ask for passwords or personal info via email.
- Too Good to Be True Offers
  - Promises of prizes or refunds are often bait.
- Unusual Formatting or Logos
  - Low-quality images or strange layouts can indicate a fake.
- Mismatched URLs
  - If the link text and actual URL don’t match, it’s suspicious.
- Odd Timing
  - Emails sent at strange hours from colleagues or vendors may be fake.
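Two of the clues above, the look-alike sender domain and the mismatched link, can also be checked automatically by a mail filter. The Python below is an added example, not part of the original page; the sample message, the TRUSTED allow-list and all function names are assumptions made for illustration, and it handles single-part HTML messages only.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message; every name and domain in it is made up for this example.
SAMPLE = """\
From: "Microsoft Support" <help@micr0soft-support.com>

<p>Verify: <a href="http://login.example.net/verify">https://www.microsoft.com/account</a></p>
"""
TRUSTED = {"microsoft.com", "example.org"}  # assumed allow-list of genuine domains
LEET = str.maketrans("0135", "oles")        # undo common digit-for-letter swaps
URL_LIKE = re.compile(r"^(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?$", re.I)

class LinkCollector(HTMLParser):  # collects (href, visible text) for each <a> element
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        self._text.append(data)  # buffer is reset at every <a>, so only link text is kept
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(url):  # lower-cased hostname without a leading "www."
    return re.sub(r"^www\.", "", urlparse(url if "://" in url else "//" + url).hostname or "")

def same_site(a, b):  # equal hosts, or one is a subdomain of the other
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def lookalike(domain):  # trusted brand name appears, but the domain itself is not trusted
    trusted = any(domain == t or domain.endswith("." + t) for t in TRUSTED)
    return not trusted and any(t.split(".")[0] in domain.translate(LEET) for t in TRUSTED)

def red_flags(raw):
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    flags = [f"sender domain: {sender}"] if lookalike(sender) else []
    parser = LinkCollector()
    parser.feed(msg.get_payload())
    # Flag only links whose visible text is itself a URL pointing somewhere else.
    flags += [f"mismatched URL: {host(t)} -> {host(h)}" for h, t in parser.links
              if URL_LIKE.match(t) and not same_site(host(h), host(t))]
    return flags
```

For SAMPLE, red_flags reports both the sender domain and the link whose visible text names microsoft.com while the real destination is login.example.net.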
What to Do If You Suspect a Phishing Email
- Don’t click on links or open attachments
- Don’t reply to the sender
- Report it to ICT Servicedesk immediately
- Delete the email after reporting