We all get phishing emails. What you may not know is just how many phishing emails are sent out daily. Some research puts this number at 3 billion per day (3,000,000,000). As you can see, phishing remains one of the most useful tools in a cybercriminal’s arsenal.
I will not go into a deep dive about what phishing is and why phishing exists. This post simply covers what to do when you receive a phishing email.
1. DO NOT CLICK ANY LINKS IN THE EMAIL.
2. DO NOT “SHOW PICTURES” or “ALLOW REMOTE CONTENT”.
3. Read the email to determine if it is fake (look for misspellings and incorrect information). If the email looks fake, 99% of the time it is.
4. If you determined that the email is fake and you followed steps 1 and 2 above, then permanently delete the email and move on with your life (in Outlook this is Shift+Delete).
If you did not follow steps 1 and 2, the situation gets serious, depending on how many things you clicked and what information you gave to the website you clicked on. If you clicked on anything, let us know ASAP so we can take appropriate action.
If you are unsure whether the email is fake, pick up the phone and call the vendor you do business with to verify the information in the email. Do not reply to the email asking “Is this real?”. If the email is from someone you don’t do business with, then it is obviously fake.
Please do not forward phishing emails to AllPro asking “Is this fake?”. I don’t want phishing emails in my staff’s mailboxes. 75% of the time, we never get what you forwarded because our spam filter blocks it.
You are often waiting on a response from us that may never come. Delete the phishing email and move on with your life.
A few FAQs:
- How did they get my email? A) There are thousands of ways. 99% of anything you ever submitted or filled out online is searchable. They often guess names. Hackers can easily send something to firstname.lastname@example.org and find 100 actual people at a company.
- Why are they targeting me? A) Often you are not being directly targeted; they just want to see if you’ll take the bait.
- I swear I did not click on the phishing email. I deleted it like you said. Now what? A) Nothing. If you did not click, Shift+Delete and move on with your life.
- What protects my company from phishing and spam? A) The free spam filters are not that great (surprise, surprise). Ask us about our offensive security plan if you are interested in an upgrade in email security.
- I have your Offensive security plan and still get spam. A) Nothing will stop 100% of spam. I get a call each week from clients asking me to reduce their security by lowering the spam filter to allow more mail through because “Too Much Goes to Spam”. We can increase the spam filtering to catch more spam; just know it will catch more ham (legitimate mail) as well.