Cybersecurity is one of the issues that most concerns consumers and businesses. Although ecommerce is the order of the day, there are also profiles that are still reluctant to provide their data or email for fear of suffering a phishing attack.
Phishing is a cybercrime technique that seeks to trick people into revealing sensitive information, such as passwords or bank details. Fraudsters often impersonate a trusted entity or a person they know in order to obtain this information.
Email, and more specifically Outlook, is often one of the main ways in which they try to obtain such data, through an email that may appear to be very real.
How do I identify a phishing attempt?
You may have doubts about whether an email is a phishing attempt or a real communication that has been sent to you. That’s why there are a few simple tips to help you recognise it:
- Check the sender’s email address: Scammers often use addresses similar to legitimate ones, but with slight variations (e.g. soporte@micros0ft.com instead of support@microsoft.com). When you receive an email or Teams message from someone you don’t recognise, or that Outlook or Teams identifies as a new sender, take a moment to examine it carefully with some of the following steps
- Don’t click on suspicious links: If you are suspicious of a link, hover over the link to see the actual URL before clicking to check whether or not it is a page you are familiar with.
- Be wary of requests for personal information: It is unusual for companies to ask for personal information such as telephone number or account number by email, so before sending it, check with the person who has written to you that they have asked for it.
- Check spelling and grammar: Fraudulent emails often contain spelling or grammatical errors. These errors are sometimes the result of an incorrect translation from another language. Sometimes it is deliberate, in an attempt to circumvent filters that try to block these attacks.
- Don’t download attachments from unknown senders: Another technique used for data theft is to corrupt attachments. That is why they should not be downloaded from senders you do not know, they could contain malware. Microsoft Support
You can find a more detailed guide on how to recognise and avoid phishing scams at this link.
Report phishing attempts in Outlook
Despite all the security your company may have and all the precautions you take, it is possible that you may receive one of these emails. If you follow the steps below you can prevent data theft and report the incident to prevent it happening again.
- Select the suspicious email: Click on the message you consider to be fraudulent, but do not click on any links in it, just open it to read it.
- Access the options menu: Once opened, at the top of the Outlook window, you will find the ‘Report’ button, click on it to continue.
- Choose the appropriate option: You will be presented with a menu where you must select the option: ‘Report phishing’.
Clicking on this option will notify Microsoft of the arrival of this suspicious e-mail so that they can take appropriate action.
What to do if you have fallen for a phishing scam?
Despite all the precautions you take, it is possible that you may click on a link or that your data may be stolen in some way or another. We explain what to do in this case:
- Monitor your accounts: Regularly review your account statements for suspicious activity. Keep an eye on the latest transactions and make sure they are recognised.
- Report it to the authorities: Reporting the incident to the police or specialised cybercrime agencies will help you have an official document to back up what happened.
As we have said before, prevention is the best defence against phishing, being vigilant in protecting your personal information is key but anyone is susceptible to a phishing attempt.
