If you suspect that you've received a Phishing email, please read below for tips to spot and report it to the system.
Why it Matters...
Phishing emails are a major threat to our business. They try to steal sensitive info, such as passwords, client data, and banking information by pretending to be trustworthy sources.
What is Phishing?
Phishing is when cybercriminals pretend to be someone you trust (like a bank, coworker, or vendor) to trick you into clicking a link, downloading a file, or giving out information.
Quick-Check List: Think SLAM
Use SLAM to remember what to check in every email:
| Letter | What it Stands For | What to Look Out For |
|---|---|---|
| S | Sender | Is the email from who it says it's from? Hover over the sender’s name. Look for suspicious or unfamiliar domains (e.g., @coast2coost.com instead of @coast2coast.com). |
| L | Links | Hover (don’t click!) on links. Does the address match the claimed destination? Look for misspellings or strange URLs. |
| A | Attachments | Were you expecting a file? Phishing emails often attach malicious PDFs, ZIPs, or Excel files. |
| M | Message | Is it urgent, threatening, or asking for sensitive info? Does it sound odd or too generic? Trust your gut. |
Easy Ways to Spot Phishing
✅ Common Red Flags:
"Act Now!" urgency
Spelling/grammar mistakes
Weird sender email address
Too good to be true offers
Requests for login credentials, wire transfers, or gift cards
✅ Example of a Fake Email:
From: helpdesk@coast2co0st-mortgag3.com
Subject: "Immediate Action Required – Account Locked"
"Click here to verify your login credentials or your account will be disabled."
→ Looks legit? Not really. Notice:
Strange sender address
Urgent and threatening tone
Link that may lead to a fake login page
What to Do If You Suspect a Phish
Do not click or reply.
Take a screenshot (optional)
Report it immediately: If you've received a suspected phishing email, please report it using the Microsoft Security Reporting Tool right in your Microsoft Outlook desktop app using the red shield icon with an exclamation mark at the top of your screen in the "Home" tab. This will teach our systems to spot these types of emails before they even make it to your inbox.
Delete the email.
Bonus Tips
Use strong, unique passwords (and update them regularly).
Turn on multi-factor authentication (MFA).
Never trust an email asking for sensitive information—verify by phone if unsure.
Final Reminder
When in doubt, slow down, trust your instincts, and use SLAM.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article