If you receive a phishing email, do not be afraid, it will not infect your computer if you do not click on links or reply.
See what you need to do (and what not must) if you receive an email "phishing".
In a phishing email, the sender tries to persuade you to click on a link or provide your personal information, such as bank accounts or passwords.
It is a conventional attack social engineering the social engineering. We have explained in detail how the "fishing" messages work, something worth reading if you are unfamiliar with them or do not know how to locate them.
But what if you receive a phishing email?
Do not panic or click on any links
When you receive a suspicious email do not panic. Modern email clients such as Outlook, Gmail, and Apple Mail do a great job of filtering out emails that contain malicious code or attachments.
So just because a phishing email lands on your inbox does not mean that your computer is infected with a virus or malware.
However, phishing emails pose a real security risk. It should not never to click on a link that contains the email or open an attachment that you have received from someone unless you are 100% sure that you know and trust the sender.
Also, you should never reply to the sender - even to tell him not to send you further messages.
Scammers can send emails to thousands of email addresses every day, and if you reply to one of their emails, it confirms that your email address is active.
This makes you even more vulnerable. Once the scammer finds out that you are reading his emails, he will make more efforts.
Do not click on links, open attachments or reply.
Contact the sender
If a suspicious email appears to be from someone you know or from a company you use, contact them to see if the message is true.
Μην reply to email. If it seems to come from someone you know, create a new email or send an SMS or call the person and ask if they sent you the message. Do not forward the email, as you will spread a possible phishing attack.
If the email claims to come from a company you use, bank, gym, or online retail store, go to their website and contact them from there. Again, do not you are doing click on links contained in the email. Enter the site address yourself (or use your preferred search engine) and use their "Contact" page to ask the company if it sent mail.
If you see that the email was sent to multiple people to upgrade an app, you can also send a tweet to the company and ask them directly. The company's social media representative may not be aware of individual emails, but will know if the company sent a bulk email to all customers.
Mention the email
There are four types of organizations to which you can refer phishing emails:
- Your company
- Your email provider
- Government Service (Cybercrime Prosecution)
- The organization from which the email is said to come
Report it to your company
If you receive an email "phishing" at your work address, you should follow your company policy. Security policies may require you to forward an e-mail message (Phishing) to a specific address, fill out an online report, create a ticket or just delete it.
If you are not sure what your company policy is, ask your security team.
Report it to your email provider
Your email provider will likely have a process where you can report phishing emails. The mechanism differs from provider to provider. The more samples your email company has, the better it can do spam filters to prevent possible scams.
In Google Gmail, click the three dots next to Reply to Email, then select Report Fishing Report.
Outlook does not provide the spam reporting option, but the Outlook web application does. It works the same way as Gmail. Click the three dots next to Reply to Email, then select Mark Fishing.
Apple is asking you to forward any suspicious messages to the address [Email protected] .
Report it to PPC
Some countries have authorities that deal with "phishing" emails. In Greece we have the DIE (Cybercrime Prosecution), which you can contact by email:[Email protected]
Report it to the company that allegedly sent the email
If the email appears to be from a company, you can often report it directly to them. For example, the Amazon has a dedicated email address and a form for reporting both email Phishing as well as telephone phishing.
Mark the sender as spam
You probably do not want to receive any more emails from the sender. Mark the mail as spam and your email client will block further messages from this address.
Delete the email
Finally, delete the email. Easy.