Recognize and Report Phishing

Phishing occurs when criminals try to get us to open harmful links, emails or attachments that could request our personal information or infect our devices. Phishing messages or “bait” usually come in the form of an email, text, direct message on social media or phone call. These messages are often designed to look like they come from a trusted person or organization, to get us to respond.?

?The good news is we can avoid the phish hook and keep business accounts secure with these tips!?

1. Recognize?

Look for these common signs:?

• Urgent or emotionally appealing language, especially messages that claim dire consequences for not responding immediately?
• Requests to send personal and financial information?
• Untrusted shortened URLs?

• Incorrect email addresses or links?

A common sign used to be poor grammar or misspellings although in the era of artificial intelligence (AI) some emails will now have perfect grammar and spelling, so look out for the other signs.?

2. Resist?

If you suspect phishing, resist the temptation to click on links or attachments that seem too good to be true and may be trying to access your personal information. Instead, report the phish to protect yourself and others. Typically, you’ll find options to report near the person’s email address or username. You can also report via the “report spam” button in the toolbar or settings.?

3. Delete?

Delete the message. Don’t reply or click on any attachment or link, including any “unsubscribe” link. Just delete.?

?

CISA has many resources to get your team started with online safety! Learn more at https://www.cisa.gov/secure-our-world ?