A Phishing email is when a cybercriminal tries to trick email users by sending an email address from a manager, coworker or business partner. With the move to cloud mail services such as O365 and Gmail, it’s very easy for cybercriminals to target users and harvest their credentials.
The first step is to look at the sender’s email address closely. Sometimes there are subtle differences in the address.
Real address: Joe@user.com
Fake address: Joe@uzer.com
Sometimes this is not clearly visible as it is masked so hovering with your mouse over the username can help unmask the real address.
If the email has an embedded link, never click it but use the same technique and hover over it to see where it leads to. If the link says Microsoft.com and you hover over it and on the lower left side of the Outlook screen it says CyberCrimal.com, you will know its fake.
Never open or download an email attachment unless you are 100% certain it’s safe.
The last step, if you weren’t expecting the email and don’t know who it’s from, don’t click it. If it’s regarding something important, they will contact you again.
I hope this helps.