Have you been hooked?

Recently I received the email shown here.

Looks very official, doesn’t it? It appears as if it came from Microsoft and looks like other emails I receive through Outlook. A couple of years ago, I probably would have been concerned I had lost an important email and might have clicked on the “restore access” link. But now, because I have participated in my company’s Cybersecurity Awareness Training initiative (yes, we “practice what we preach”!), I have learned to examine the information about the sender of emails I receive for suspicious data, especially when the email asks me to click on a link. In this case, the sender’s address is quite unusual; part of it uses my company’s domain but the second part uses a Hotmail domain. 

What would you have done if you received a similar email? Hopefully, you would have deleted it after reporting the receipt to your IT team so they could alert others in your organization to be aware of the likelihood they might receive a similar email. But let’s pretend that you clicked on the link and provided the information requested. What should you do? 

Follow these steps:

1. Change your account passwords

2. Report the incident to your business and IT service provider

3. Be more aware and cautious of emails you receive

4. Implement strategies to avoid future attacks

Not everyone is cautious enough to pick out phishing emails, but we can all educate ourselves and be more aware, which is one of the best ways to combat these emails. If you find yourself a victim of a phishing email, take necessary precautions to protect your assets as well as others’ and ask your IT service provider to help you implement Cybersecurity Awareness Training.