Recognize a Phishing Email

Overview

Phishing is the most common way attackers get into a work account. The messages look like ordinary email but are designed to trick you into clicking a bad link, entering your password, or paying a fake invoice. This guide shows you how to spot one before you click.

Before You Begin

  • You do not need to install anything. You only need to slow down and look closely.
  • Know the rule: if a message creates urgency, fear, or excitement, treat it as suspicious until proven otherwise.

Steps

  1. Check the sender's full email address, not only the display name. Click or tap the sender to expand it. Look for:
    • Misspelled domains: micros0ft.com, payrol1.com, bostonm1t.com.
    • Mismatched domains: a message claiming to be from your CEO that comes from @gmail.com or a random consulting domain.
  2. Look at the greeting. Generic greetings like "Dear User" or "Dear Customer" are a warning sign in messages that claim to know you.
  3. Read the message slowly. Phishing often includes:
    • Urgency: "Your account will be closed in 24 hours."
    • Threats: "Failure to act will result in termination."
    • Rewards: "You have won a $500 gift card."
    • Unusual requests: a manager asking you to buy gift cards from your phone.
  4. Hover over every link before clicking. On a computer, the real destination appears in the bottom-left of the browser. On a phone, press and hold the link to preview it. If the domain does not match the brand it claims, do not click.
  5. Treat attachments with caution. Unexpected invoices, shipping notices, or HTML files are common phishing payloads.
  6. Check whether the message asks you to bypass normal process. Real wire transfers, password resets, and W-2 requests follow your company's process. Email shortcuts are a red flag.
  7. When in doubt, do not reply or click. Use the steps in Report a Suspicious Email.
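
The sender check in step 1 and the link check in step 4 can also be run by a mail filter or triage script. The following Python is an added example, not part of the original article or any BMIT tooling; the TRUSTED allow-list, the function names and the sample message are assumptions, and it expects a single-part message with an HTML body.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = {"microsoft.com", "bostonmit.com"}  # assumed allow-list for this example
SWAPS = [str.maketrans("01", "ol"), str.maketrans("01", "oi")]  # 0->o, 1->l or 1->i

def base_domain(host):  # simplification: last two labels, no Public Suffix List
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def imitates(host):
    """Return the trusted domain that host misspells with digits, else None."""
    d = base_domain(host)
    return next((c for c in (d.translate(t) for t in SWAPS) if c != d and c in TRUSTED), None)

class Links(HTMLParser):  # collects [href, visible text] for every <a> element
    def __init__(self):
        super().__init__()
        self.links, self.in_a = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.in_a = True
            self.links.append([dict(attrs).get("href") or "", ""])
    def handle_endtag(self, tag):
        self.in_a = self.in_a and tag != "a"
    def handle_data(self, data):
        if self.in_a:
            self.links[-1][1] += data

def check_message(raw):
    """Return warnings for one raw message: lookalike sender, misleading links."""
    msg, parser, out = message_from_string(raw), Links(), []
    parser.feed(msg.get_payload())
    sender = base_domain(parseaddr(msg["From"] or "")[1].rpartition("@")[2])
    if imitates(sender):
        out.append(f"sender domain {sender} imitates {imitates(sender)}")
    for href, text in parser.links:
        real = base_domain(urlparse(href).hostname or "")
        shown = re.search(r"([a-z0-9-]+\.)+[a-z]{2,}", text.lower())
        if imitates(real):
            out.append(f"link goes to {real}, which imitates {imitates(real)}")
        elif shown and base_domain(shown.group()) != real:
            out.append(f"link shows {shown.group()} but goes to {real}")
    return out

# Constructed sample message, not taken from a real campaign.
SAMPLE = ('From: "Microsoft Account Team" <security@micros0ft.com>\n\n'
          '<p>Sign in at <a href="http://login.example.net/reset">www.microsoft.com</a></p>')
```

Calling check_message(SAMPLE) returns one warning for the misspelled sender domain and one for the link whose visible text and real destination differ.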

Troubleshooting

  • If you are not sure whether it is real: contact the sender through a known channel (phone, Teams, in person). Never reply to the suspicious message to verify.
  • If you already clicked a link but did not enter a password: close the browser tab and report the message.
  • If you entered your password: follow What to Do If Your Account Is Compromised right away.
  • If the message looks like internal IT but you are not sure: real BMIT support will never ask for your password.

Need More Help?

Submit a ticket at support.bostonmit.com or email support@bostonmit.com.
