As part of our mission to keep Republic Cyber Safe, it’s critical for all employees to understand how to recognize and report phishing emails. By quickly identifying and reporting threats, you become the hero behind the scenes, preventing potential breaches and ensuring our systems stay strong.
What is phishing?
According to the National Cybersecurity Alliance, phishing is when criminals use fake emails, social media posts or direct messages with the goal of luring you to click on a bad link or download a malicious attachment. If you click on a phishing link or file, you can hand over your personal information to the cybercriminals. A phishing scheme can also install malware onto your device.
Uh oh! I think I see a phishing email. Now what?
Report phishing using the “Security Actions” Proofpoint button
If you receive an e-mail at work that is raising red flags as a potential phishing e-mail, it’s critical that you do not click on anything within the email. Instead, use the “Security Actions” Proofpoint button located on the top ribbon in Outlook:
Steps to Report:
- Open the Email. Avoid interacting with potentially harmful links or downloads.
- Navigate to the Top Ribbon: Spot the white ‘P’ on a blue background—that’s your ‘Security Actions’ button.
- Report: Clicking this button may present you with a few options. Choose “Report Phishing.”
Report phishing using the “Report Suspicious” Button
A second option is to use the “Report Suspicious” button located on the banner of the external email:
Steps to Report:
- Open the Email. Avoid interacting with potentially harmful links or downloads
- Locate the “Report Suspicious” button in the external banner, just below the subject line.
- Report: By clicking the button and confirming, you’re alerting our Cybersecurity team to step in and take protective measures.
Report phishing from Web Browsers with Proofpoint for Outlook
Proofpoint for Outlook makes it easy to report fake emails or any suspicious messages you receive by just clicking a button.
Steps to Report:
- Open Outlook in your web browser (Chrome, Firefox, etc.
- Navigate to the Email: Don’t click on any links or download attachments.
- Report: Click the ellipses (3 dots) at the top right of your email, then click “Proofpoint for Outlook” then select “Report Phishing”
Tips for spotting phishing emails:
- Does it contain an offer that’s too good to be true?
- Does it include language that’s urgent, alarming, or threatening?
- Is it poorly written and riddled with misspellings and bad grammar?
- Is the greeting ambiguous or very generic?
- Does it include requests to send personal information?
- Does it stress an urgency to click on unfamiliar hyperlinks or attachments?
- Is it a strange or abrupt business request?
- Does the sender’s e-mail address match the company it’s coming from? Look for little misspellings like pavpal.com or anazon.com.
Cybersecurity is not just a task for IT teams. Every employee plays a vital part. Reporting suspicious emails, double-checking the identity of callers, and adhering to security protocols are essential actions everyone can take. If you ever have a question on a suspicious interaction, please do not hesitate to reach out to firstname.lastname@example.org or access the Cybersecurity SharePoint site to learn more.