AIE Knowledge Base
Space shortcuts
Page tree

Versions Compared

Old Version 3

changes.mady.by.user Michael Pasqualone

Saved on

compared with

New Version 4

changes.mady.by.user Michael Pasqualone

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info
titleIt's OK to be safe

Phishing attacks are common and routine - it's OK to err on the side of caution, and question the legitimacy of any email sent to you. If in doubt, call the person who sent you the email or SMS to validate it's authenticity, or contact the IT Service Desk.

Warning
titleEmail is not secure

Email technology is inherently not secure, email addresses and links can easily be faked and manipulated.


Some methods to recognise phishing emails

  • Suspicious links or unexpected attachments - the links that appear in an email body may go to somewhere unexpected, always rest/hover your mouse over any links which will reveal the real web address and don't click any suspicious links.
  • Urgent call to action or threats - be suspicious of any email that claim that you must click, call, or open an attachment with urgency. A common attack method is to claim something is time sensitive creating a false sense of urgency. Whenever you see a message calling for immediate action, pause, and look carefully at the message - are you sure it's real? Slow down and be safe.
  • First time or infrequent sender - whilst it's not unusual to receive an email from someone new for the first time, especially if they are outside your organisation. New senders can be a sign of phishing campaign, so take a moment and examine the email carefully.
  • Mismatched email domains - if the email claims to be from a reputable company, like Microsoft or your bank, but the email is being sent from another email domain like gmail.com, or microsoftsupportteam.ru or nabbank.com - it's a scam. Also be watchful for very subtle misspelling of the legitimate domain name, like micr0soft.com

How to report a phishing email

Warning
titleDon't forward to other staff

Do not forward suspicious or suspected phishing emails to other staff, by doing so - you are spreading the phishing attack and giving legitimacy to the original email and staff may feel safer to click links.

  1. Within Microsoft Outlook, select the suspicious message.
  2. From the ribbon, choose Report message and then select Phishing.
    Image Added

This is the fastest way to report it and remove the message from your Inbox, and it will help Microsoft improve their filters so that you or other staff will receive fewer of these attacks in the future. 

Content by Label
showLabelsfalse
max5
spacesAIEKB
showSpacefalse
sortmodified
reversetrue
typepage
cqllabel in ("phishing","security","email") and type = "page" and space = "AIEKB"
labelsemail security phishing

...