Managing Phishing email
Receiving phishing emails is common for those who work in large companies. Here are some best practices for recognizing and managing them:
- Messages may contain grammatical errors
- The sender's email address is disconnected from the context, ambiguous, and contains reversed spellings (for example, mircosoft instead of microsoft) or fake domains
- The email contains links that may require common actions such as scheduling a call, filling out a form, or downloading a document
- They may contain the names or contact information of colleagues and departments within the organization to mislead you.
Whan can you do?
Avoid clicking the link or performing any action requested in the email. Then, report the sender's address as phishing. Reports will cause the email system to consider the sender untrustworthy. To report a message from Outlook, select the offending email and then use the “Report” tool (represented by a red shield with an exclamation point) in the top horizontal menu.
From the drop-down menu, select the “report phishing” option.
If you have any doubts or fears about clicking the link, contact ITCS staff at helpdesk@sissa.it or 822. If you click the link, don't panic; changing your password can prevent most problems. Anyway, Multi Factor Authentication provides sufficient protection nowadays.