Phishing emails are a common tactic used by cyber criminals to steal sensitive information, such as login credentials, financial data, or personal details. Recognizing and reporting these threats helps protect you and your organization.

🔍How to Identify Phishing

Phishing emails often exhibit one or more of the following characteristics:

1. Urgent or threatening language: Messages that pressure you to act quickly (e.g., "Your account will be suspended").
   
2. Suspicious sender address: Email addresses that don’t match the organization they claim to represent.
   
3. Unexpected attachments or links: Files or URLs that you weren’t expecting or that seem out of context.
   
4. Spelling and grammar errors: Poorly written messages are often a red flag.
   
5. Requests for sensitive information: Legitimate organizations will never ask for passwords or personal data via email.
   

🛡️Steps to Report and Protect Your Account

1. Do Not Click Links or Download Attachments
   
1. Avoid interacting with any part of the suspicious email.
   
2. Report the Email
   
1. Use your organization's reporting method. Common options include:
   
1. Outlook: Click Report Message > Phishing.
   
2. Gmail: Click the three dots in the top-right corner > Report phishing.
   
2. Forward the email to your IT Security Team: abuse@beaconcollege.edu.
3. Delete the Email
   
1. After reporting, delete the message from your inbox and trash.
   
4. Change Your Password
   
1. If you clicked a link or entered credentials, immediately change your password and notify IT.
   
5. Enable Multi-Factor Authentication (MFA)
   
1. Ensure MFA is enabled to add an extra layer of protection to your account.
   

✅Stay Vigilant

1. Always verify unexpected requests.
   
2. Hover over links to inspect URLs before clicking.
   
3. Keep your software and antivirus tools up to date.
   

If you’re ever unsure, it’s better to report a message than to ignore a potential threat.