Did you know that 122.3 billion email spam messages are distributed per day? This is around 85% of the world’s email traffic. Research says that a couple of spam emails per day is normal. Here in this blog, we have explained What Phishing is and steps to prevent it.

Phishing Scams in Outlook and steps to get rid of phishing.

The word Phishing is pronounced the way it spells. Phishing is a popular scam, which looks like it is legitimate. It is a scam in the form of email, text messages, social media, and instant links through push messages. Phishing mail can be sent by Gmail, Yahoo, Outlook, any social media site, or any communication source.  

These are very sophisticated cybercrimes, which hold all the potential lead information to acquire a person’s sensitive data. There are many types of Cybercrimes, but the major ones happen through emails and messages. Cybercriminals mostly pretend to be reputed professionals or from reputed companies. Spammers send you emails and messages in the name of friends, prominent organizations, work-related messages etc., fake news or by linking a spam site.  

Let’s look at various types of Phishing attacks in Outlook and how to protect yourself from being phished.
 

Types of Phishing attacks: 

• Inappropriate domains: If you get an email from a legitimate source or a reputable company from another domain (Other than that site domain), then it’s a scam. So, keep an eye on domain names because mostly, they look like the original ones. These are basic tricks used by spammers.
   
• Broken grammar and unclear phrases: Reputed or professional companies have an editorial team to re-check the content before they send it to the clients. If you find any silly grammatical errors or unclear sentences, it might be a scam. Sometimes the errors are deliberate, to avoid the filters that try to prevent these attacks. Sometimes, they are due to the translation of foreign languages.
   
• Greetings from an unknown source: You might get an email with birthday or anniversary wishes etc. from an unknown source, which might be fraud. Typically, the organization you are working for knows your name, so if any email starts like Dear madam/sir, it’s better to cross-check as it’s a caution. It might not be from your organization or any other trusted user. 
   
• Infrequent senders: Daily, we get a few emails from strange domains. It is not unusual to get an email from someone for the first time. If you are getting emails from outside of your organization or someone you do not know, this can be a warning that you might get phished.
   

• Suspicious links or attachments: If you get an email with a suspicious link or attachment, do not click on that right away. Instead, rest your mouse on the link so that you can see the original IP address of the site below the link (in the same way that you can see the details when you rest the mouse on any file on your computer).
   
• Immediate call to action: Be alert about the mail with suspicious links like claiming a reward or escaping a penalty. These are some common tactics of phishing attacks. Scammers do this because you will not think twice or consult anyone about such emails. 
   

Ways to protect yourself from a Phishing scam in Outlook: 

You can protect yourself from the Phishing scams in Outlook itself. Here are the 3 simple steps to report the Phishing email. 

1. Go to your Outlook and open the Phishing mail you want to report. 
2. Select the Junk option at the top. If you click on that, you see 3 options: Junk, Phishing, and Block (like in the picture below). Select Phishing. 
3. After selecting the Phishing option, it asks you to report or do not report the email. Select ‘report’ so that the email will send a notice to Microsoft. Later, the email moves to the Junk folder.

Follow these steps if you receive a Phishing email: 

1. If you receive suspicious mail from the person you know, confirm whether it is legitimate or not, by giving a call or text message to that person. 
2. Do not ever click the links or attachments you receive in a suspicious email. If you want to check that it is legitimate or from your organization, go to the web browser and cross-check the contact information. 
3. Examining the details will help you determine if it is a scam or not. 
4. Report the email as a fraud/scam and remove it. 

If you accidentally fall for a phishing scam: 

If you think that you have accidentally fallen for a Phishing scam, follow the steps below.  

• Note as many details as you can, like usernames or account numbers, while it’s still in your mind. They are helpful to report the phishing scam.  
• Change the passwords of your accounts which you think might be attacked. Try to create unique passwords for all your accounts.  
• Notify your organization about the possible scam. Also, notify your IT (Information Technology) support team so that your organization can improve the work security options.  
• Assure that you have multi-factor authentication for your accounts. This can reduce your risk of a Phishing scam.  
• Report to the respective authorities if you have lost any amount of money by Phishing scams. The information you have remembered, like passwords and account numbers, will be especially useful in this case.

To avoid/get rid of a Phishing scam: 

There are steps you can take to avoid Phishing scams. For example, maintain your email accounts with strong passwords and report inappropriate or irrelevant emails immediately. If you are unaware or doubtful about the email you get, try to find it with the web address or contact number. There is an add-in called the Phishing alert button in Outlook to report Phishing emails. Also, Microsoft Outlook has now put the Phishing option in the Junk folder itself so you can report the scam directly. Reporting fraud emails has become simple but recognizing them can still be difficult. See MFA In Microsoft 365- Simple Steps To Follow and learn how to use Multi-factor authentication for your email and social media accounts to reduce the chance of being Phished.