Suspicious/Malicious Email
🛡️ Recognizing and Handling Phishing Emails
Phishing emails are deceptive messages designed to trick you into giving up sensitive information, such as passwords, account details, or financial data. Knowing how to spot them and what to do can protect you and your organization from serious threats.
🔍 How to Identify a Phishing Email
Look out for these common signs:
-
Suspicious Sender Address
Watch for email addresses that mimic legitimate organizations but contain subtle misspellings or odd domains (e.g., security@paypa1.com).
-
Generic Greetings
“Dear Customer” or “User” instead of your real name can be a red flag.
-
Urgency or Threats
Phrases like “Your account will be locked!” or “Immediate action required” pressure you to act quickly without thinking.
-
Unusual Requests
Emails asking you to verify credentials, transfer funds, or provide personal data are suspect.
-
Links or Attachments
Hover over links before clicking—do they point to an unexpected or suspicious destination? Attachments from unknown senders can contain malware.
-
Poor Grammar or Formatting
Legitimate businesses rarely send emails riddled with errors or inconsistent branding.
âś… What to Do When You Suspect Phishing
Here’s how to respond safely:
-
Don’t Click
Avoid clicking any links or downloading attachments until you’ve verified the source.
-
Don’t Reply
Responding confirms your email is active and may invite more phishing attempts.
-
Report It
Use your organization's reporting tools (e.g., “Report Phishing” in Outlook) and forward the email to the Solutions Hub at SolutionsHub@dmu.edu
-
Delete It
After reporting, safely delete the message from your inbox and trash.
-
Monitor Accounts
If you’ve clicked a suspicious link, change your passwords and monitor your bank and email accounts for unusual activity.
🧠Final Tips for Staying Safe
-
Keep Software Updated
Use the latest security patches on email clients and browsers.
-
Enable Multi-Factor Authentication (MFA)
MFA adds a second layer of protection beyond passwords.
-
Stay Informed
Cyber threats evolve—stay up to date through security training and company bulletins.