Phishing Awareness Checklist
How to spot phishing emails, what to do when you get one, and why clicking unsubscribe on a suspicious email is a bad idea.
Phishing is the most common way Louisiana businesses get compromised. Not because the attacks are sophisticated — most aren’t. It’s because employees are busy, inboxes are full, and one bad click is all it takes.
This checklist covers what to look for, what to do, and what not to do.
Before you click: check these things
- The sender address — The display name can say anything. Look at the actual email address in the From: field. support@paypal-secure-billing.com is not PayPal.
- Urgency language — “Your account will be suspended in 24 hours,” “Immediate action required,” “Final notice.” Legitimate companies don’t communicate this way about routine matters.
- Unexpected attachments — If you weren’t expecting a file from this person, call them to verify before opening it. A phone call takes 30 seconds. Ransomware recovery takes weeks.
- Links that don’t match — Hover over any link before clicking. The URL shown in the status bar of your browser or mail client should match where you expect it to go. bit.ly/3xK2mQp is not your bank.
- Generic greetings — “Dear Valued Customer” instead of your name is a flag. Not definitive, but a flag.
- Requests for credentials or payments — No legitimate service will email you asking for your password, and no one should request a wire transfer by email without prior phone confirmation.
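As an added illustration (not part of RockIT's checklist or any RockIT tooling), the script below applies the same "before you click" checks to a raw email message: it compares the real From: address against a list of domains you actually deal with, flags a Reply-To that goes somewhere else, compares the visible text of each link with where the link really points, notices URL shorteners, and looks for urgency wording, generic greetings and requests for passwords or MFA codes. The two sample messages, the TRUSTED_DOMAINS list and the keyword lists are constructed assumptions for the demo, and the domain logic (last two labels of the host name) is deliberately simple.

```python
"""Heuristic phishing-indicator check for a raw RFC 822 message (added example)."""
import email
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: domains this organization actually does business with.
TRUSTED_DOMAINS = {"acme-bank.example", "ourcompany.example"}
# Shorteners hide the real destination ("bit.ly/... is not your bank").
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl"}
URGENCY = ("immediate action required", "final notice", "will be suspended",
           "within 24 hours", "account locked")
CREDENTIAL_WORDS = ("password", "mfa code", "verification code", "wire transfer")
GENERIC_GREETINGS = ("dear valued customer", "dear customer", "dear user")


def registrable_domain(host: str) -> str:
    """Crude eTLD+1 (last two labels); enough for this checklist demo."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


class _LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs from <a> tags in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def check_message(raw: str) -> list:
    """Return human-readable red flags found in a raw message; [] if none."""
    msg = email.message_from_string(raw, policy=policy.default)
    flags = []

    # 1. The display name can say anything; judge the actual address.
    display, addr = parseaddr(str(msg.get("From", "")))
    from_domain = registrable_domain(addr.split("@")[-1]) if "@" in addr else ""
    if from_domain and from_domain not in TRUSTED_DOMAINS:
        flags.append(f"sender domain {from_domain} is not a known contact (display name {display!r})")

    # 2. Replies routed to a different domain than the sender.
    _, reply = parseaddr(str(msg.get("Reply-To", "")))
    if "@" in reply and registrable_domain(reply.split("@")[-1]) != from_domain:
        flags.append(f"Reply-To goes to {reply}, not the sender's domain")

    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body else ""
    scan = (str(msg.get("Subject", "")) + "\n" + text).lower()

    # 3. Where a link says it goes versus where it actually goes.
    collector = _LinkCollector()
    collector.feed(text)
    for href, label in collector.links:
        host = urlparse(href).hostname or ""
        if host in SHORTENERS:
            flags.append(f"link uses URL shortener {host}; real destination is hidden")
        label_host = urlparse(label).hostname if label.startswith(("http://", "https://")) else None
        if label_host and registrable_domain(label_host) != registrable_domain(host):
            flags.append(f"link text shows {label_host} but actually goes to {host}")
        elif registrable_domain(host) not in TRUSTED_DOMAINS:
            flags.append(f"link points to untrusted domain {host}")

    # 4. Wording checks: urgency, generic greeting, credential/payment requests.
    for phrase in URGENCY:
        if phrase in scan:
            flags.append(f"urgency language: {phrase!r}")
            break
    if any(g in scan for g in GENERIC_GREETINGS):
        flags.append("generic greeting instead of your name")
    hits = [w for w in CREDENTIAL_WORDS if w in scan]
    if hits:
        flags.append(f"asks for credentials or payment: {', '.join(hits)}")
    return flags


# Constructed sample messages (all domains use the reserved .example TLD).
PHISH = """From: Acme Bank Support <alerts@acme-bank-secure-billing.example>
Reply-To: recovery@mailbox-relay.example
To: employee@ourcompany.example
Subject: Immediate action required: account will be suspended
Content-Type: text/html; charset="utf-8"

<p>Dear Valued Customer,</p>
<p>Your account will be suspended within 24 hours. Confirm your password here:
<a href="http://acme-bank.login-verify.example/confirm">https://www.acme-bank.example/login</a></p>
"""

LEGIT = """From: Payroll <payroll@ourcompany.example>
To: employee@ourcompany.example
Subject: March timesheet reminder
Content-Type: text/html; charset="utf-8"

<p>Hi Sam,</p>
<p>Timesheets are due Friday. Submit them at
<a href="https://hr.ourcompany.example/timesheets">https://hr.ourcompany.example/timesheets</a>.</p>
"""

if __name__ == "__main__":
    for name, sample in (("PHISH", PHISH), ("LEGIT", LEGIT)):
        print(name, "->", check_message(sample) or ["no red flags"])
```

Run it as-is and the constructed phishing sample trips every check on the list above while the payroll reminder trips none. A real mail filter would use a proper public-suffix list and far broader wordlists; the point here is that each line of the checklist maps to a concrete, checkable property of the message.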
Red flags that should stop you cold
- An email asking you to log into something via a link in the email (go directly to the site instead)
- A vendor or colleague asking you to change where a payment is sent
- An invoice for something you didn’t order
- An email from “IT” or “Help Desk” asking for your password or MFA code
- Anything involving gift cards as payment
What to do when you get a suspicious email
- Don’t click anything. Not the link, not the unsubscribe button, not the attachment.
- Report it — forward it to your IT provider or use your email client’s “Report Phishing” option.
- If you clicked something: disconnect from the network immediately and call your IT provider. Time matters.
- Delete the email after reporting.
What NOT to do
Don’t click “unsubscribe” on a suspicious email. That confirms your email address is active and often leads to more phishing attempts, or, worse, the “unsubscribe” link itself is the malicious one.
Don’t forward it to co-workers to ask if they got it too. You might get them to click it.
Don’t respond to ask if it’s legitimate. The attacker controls the reply-to address.
If you think you’ve been phished
Call your IT provider immediately. The first 30 minutes matter. If credentials were entered, passwords need to be changed and MFA reviewed — fast. If an attachment was opened on a work device, assume the device is compromised until it’s checked.
Questions about your organization’s phishing exposure? Contact RockIT.
Have a specific question about your setup?
Guides cover the general case. A free 30-minute review covers yours.
Schedule a Free IT Review