IT Security Tip #3: How to Stay Safe from Phishing Attacks

Phishing is one of the most common cyber threats where attackers impersonate trusted entities such as IT staff, HR, leadership, Vendor etc. to trick employees into revealing sensitive information, clicking malicious links, or downloading harmful files.

How it works:

The Bait – You receive a fake email or message that looks legitimate(from your bank, a known vendor, Leadership, coworker).
- Logos, signatures, and formatting mimic real sender email
The Hook – The message urges you to click a link, open an attachment, or provide sensitive info like passwords or financial details.
- Email subjects such as Urgent: Password Expiry Notification, Action Required: Unpaid Invoice #4573
The Catch – Once you act, attackers can:
- Steal your credentials
- Install malware
- Access your organization's systems

Stay protected:

Check the sender's email address carefully (support@as-lm.org instead of support@aslm.com )
Avoid clicking unknown links (Hover over links to see the real URL before clicking)
Report suspicious emails to IT (support@aslm.com)

When in doubt — don’t click or respond. Ask your IT team for help!