Phishing is a deceptive cyberattack where malicious actors pose as trustworthy entities to steal sensitive data. This professional guide provides your team with immediate response protocols, identification techniques (SLAM), and visual examples to prevent credential theft and financial loss.
If you suspect you have received a phishing email or clicked a malicious link, follow these steps immediately. Do not ignore it.
1. If you clicked a link or downloaded a file, disconnect your device from the Wi-Fi or network immediately to prevent malware spread.
2. Do not reply to the sender. Do not forward the email to colleagues (unless reporting). Do not try to "test" the link.
3. Forward the email as an attachment to your security team or use the "Report Phishing" button in your email client.
Analyze the email using the SLAM method to identify potential threats.
Below are simulated phishing attempts.

Hi,
I am in a meeting and can't talk right now. I need you to process a wire transfer immediately for a new vendor.
It needs to go out in the next 30 minutes or we lose the deal. Do not mention this to anyone yet, I will explain later.
Sent from my iPad

Dear User,
Your password is set to expire today. You must retain your access by validating your credentials below.
Failure to do so will result in permanent account lockout.
Regards,
System Administrator

Hello Customer,
Thank you for your order. We have successfully charged your account $499.99 for your annual antivirus protection plan.
If you did not authorize this charge, you must call our fraud department immediately to cancel.
Call Now: +1 (888) 555-0192

Team,
HR has shared a new file with you: "Q3_Bonus_Structure_Updates.pdf"
Please review and sign by end of day Friday.
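
The SLAM checks (Sender, Links, Attachments, Message) applied to a parsed message, as an added example that is not part of the original guide. The domains, header values, link, attachment name, extension list and phrase list are constructed assumptions; the body text is abridged from the first simulated email above.

```python
import re
from email.message import EmailMessage
from email.utils import parseaddr
from urllib.parse import urlparse

PRESSURE = re.compile(r"immediately|next \d+ minutes|expire today|do not mention", re.I)
RISKY_EXT = (".exe", ".scr", ".js", ".iso", ".docm", ".html")
ANCHOR = re.compile(r'<a[^>]+href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def domain(header_value):  # lower-cased domain of a From/Reply-To header value
    return parseaddr(str(header_value or ""))[1].rpartition("@")[2].lower()

def slam(msg, trusted_domain):  # returns (letter, reason) findings for one EmailMessage
    found = []
    # S: sender domain and Reply-To redirection
    sender, reply = domain(msg["From"]), domain(msg["Reply-To"])
    if sender != trusted_domain:
        found.append(("S", f"From domain {sender} is not {trusted_domain}"))
    if reply and reply != sender:
        found.append(("S", f"Reply-To goes to {reply}"))
    # L: visible link text names a different host than the href
    html = msg.get_body(preferencelist=("html",))
    for href, text in ANCHOR.findall(html.get_content() if html else ""):
        shown, actual = urlparse(text.strip()).hostname, urlparse(href).hostname
        if shown and shown != actual:
            found.append(("L", f"text shows {shown}, href is {actual}"))
    # A: attachment names with a risky or doubled extension
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXT) or name.count(".") > 1:
            found.append(("A", f"attachment {name}"))
    # M: pressure and secrecy wording in the plain-text body
    plain = msg.get_body(preferencelist=("plain",))
    for hit in PRESSURE.findall(plain.get_content() if plain else ""):
        found.append(("M", f"pressure wording: {hit.lower()}"))
    return found

def sample():
    # Constructed: body abridged from the first simulated email; headers, link, attachment invented.
    m = EmailMessage()
    m["From"] = "CEO <ceo@examp1e-corp.test>"
    m["Reply-To"] = "ceo.office@freemail.test"
    m.set_content("I need you to process a wire transfer immediately for a new vendor. It needs "
                  "to go out in the next 30 minutes or we lose the deal. Do not mention this.")
    m.add_alternative('<a href="http://pay.vendor-portal.test/wire">'
                      'https://intranet.example-corp.test/payments</a>', subtype="html")
    m.add_attachment(b"MZ", maintype="application", subtype="octet-stream",
                     filename="vendor_details.pdf.exe")
    return m
```

Calling `slam(sample(), "example-corp.test")` returns one tuple per indicator, so a reporting tool can show the reader which of the four SLAM letters each finding belongs to.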