There are times where a malicious email may make its way past our existing security and into your mailbox. When this happens, what do we do to make sure we prevent any damage from being done?
First, we need to make sure we can identify a malicious email:
- Are there any typos? Many of these lower tier attacks will have clear signs of low effort such as low quality branding, typos, and questionable grammatical errors. Keep on the lookout for these!
- Check the sender address, not just the users display name! If you see a familiar name, but it's sent from an unfamiliar address, this is a red flag and should be handled promptly. Confirm with your coworker if they did indeed send this message to be doubly sure if it's legitimate or not. Note: Even if the sender name and email are indeed legitimate, it's entirely possible that the attacker has spoofed both the name and email.
- If you see an aggressive call to action to instill panic, this may be a red flag! Many phishing attempts try to instill fear into your person by saying "you have X amount of time to complete this or your account will be shut down" accompanied with a link or button to lure you into their domain. Don't panic!
Now that we've identified the malicious email, let's handle it!
- Let your IT team know that you're getting these malicious emails and we'll make adjustments to Proofpoint- our first line of defense to keep them from getting to you all in the first place!
- To block the email and the sender in Outlook, you'll need to:
- Right click the email
- Navigate to the Junk section and select Block Sender as depicted below.
- Right click the email