> ## Documentation Index
> Fetch the complete documentation index at: https://knowledge-base-starter-mintlify-85d166f9.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Phishing awareness

> How to spot phishing attempts and what to do when you receive a suspicious message.

Phishing is the most common vector for account compromise. Most successful attacks exploit urgency and impersonation — knowing the patterns makes them easy to spot.

## Common patterns

**Urgency and pressure** — "Your account will be suspended in 24 hours." Legitimate systems don't work like this. When in doubt, verify through a separate channel.

**Mismatched sender domains** — An email claiming to be from your bank with a domain like `secure-bank-alert.net` is a red flag. Check the full email address, not just the display name.

**Requests for credentials** — No legitimate internal system will ask you to enter your password via email. If a link takes you to a login page you weren't expecting, close it.

**Unexpected attachments** — Don't open attachments you weren't expecting, especially `.exe`, `.zip`, or macro-enabled Office files.

## What to do

**If you receive a suspicious email:**

1. Don't click any links or download attachments.
2. Report it using the "Report Phishing" button in your email client, or forward to `security@example.com`.
3. Delete it.

**If you clicked a link or entered credentials:**

1. Change your password immediately.
2. Notify the security team at `security@example.com` — include the URL you visited.
3. Don't wait to see if anything happens. Speed matters.

## Simulated phishing tests

IT runs periodic simulated phishing campaigns. Clicking a simulated phishing link triggers a short training module — it's not punitive. The goal is awareness.

If you receive an unusual volume of phishing attempts targeting your account specifically, notify the security team.
