What is Phishing?
Phishing is a form of cyber attack where attackers pretend to be legitimate organizations or individuals to steal sensitive information through deceptive communications.
Example: You receive an email claiming to be from Microsoft Support asking you to verify your account via a suspicious link.
These attacks often target Microsoft account credentials, payment information, and private data.
Common Phishing Indicators
-
Urgent or threatening language
-
Requests for personal account credentials
-
Suspended or limited account access threats
-
Suspicious or misspelled sender addresses
-
Embedded links to non-official domains
Pro Tip: Microsoft will never ask for account credentials through unverified channels.
What to Do If You Suspect Phishing
- Immediately stop interacting with the message
- Do not click any links or download attachments
- Report to IT Support or Security Team
- Verify the authenticity of the communication through official channels
- Delete the suspicious message and clear browser cache if involved
Warning: Never respond to phishing attempts or provide personal information.
Phishing Prevention Best Practices
Enable 2FA
Double authentication prevents unauthorized access even if credentials are stolen.
Suspicious Link Checker
Hover over links (don't click!) to verify the actual destination URL.