Best Practices to Spot Phishing Emails

April 9, 2024

With companies receiving phishing email every day, it’s best to keep in mind a few best practices when reviewing emails. Below are several tips provided by Kloud9. For every email you should:

  • Always check the sender and subject of all emails
  • Don’t click any links unless you know they’re safe
  • Don’t open any attachments, especially PDFs and ZIP files from untrusted sources

If you are concerned about a specific email

  • Have your MSP or internal IT department review the email
  • Links may be bogus…go to the original vendor/customers website, and follow links on their site
  • Phone numbers may be bogus…call the company directly on a known good number

If you do accidentally click a nefarious link:

  • Contact your MSP or internal IT department immediately and tell them what happened
  • Make sure your anti-virus or end-point-protection is up to date and scanning
  • Perform a malware scan with persistence and foothold checks
  • Depending on the extent of a potential compromise, consider triggering your Incident Response Plans
  • Consider resetting user passwords


Contact ALTA at 202-296-3671 or [email protected].