๐Ÿ” Email Security ๐Ÿข Business

How to Respond to a Phishing Email

How to identify phishing attacks and the exact steps to take if you receive or accidentally click a phishing link.

Last updated March 23, 2026  ยท  22 views

What Is Phishing?

Phishing emails impersonate trusted companies (your bank, Microsoft, the IRS, your CEO) to trick you into revealing passwords, clicking malicious links, or wiring money. They are the #1 way businesses get hacked.

How to Spot a Phishing Email

  • Sender address doesn't match: The display name says "Microsoft Support" but the email is from support@micro5oft-help.ru
  • Urgency and threats: "Your account will be closed in 24 hours" โ€” legitimate companies don't threaten you this way
  • Generic greeting: "Dear Customer" instead of your name
  • Suspicious links: Hover over links before clicking โ€” the real URL shows in your browser's status bar
  • Unexpected attachments: .zip, .exe, .docm, or .xlsm files you weren't expecting
  • Too good to be true: Winning prizes, unclaimed refunds, gift cards
  • Poor grammar or spelling (though AI is making phishing emails better written)

If You Receive a Phishing Email (Did NOT Click)

  1. Do not click any links or open attachments
  2. Report it using your email client's "Report Phishing" or "Report Junk" button
  3. In Outlook: right-click โ†’ Report โ†’ Report Phishing
  4. In Gmail: three-dot menu โ†’ Report phishing
  5. Forward the email to your IT department or support@techshieldmsp.us
  6. Delete the email permanently

If You Clicked a Link or Opened an Attachment

โš ๏ธ Act immediately โ€” time matters.
  1. Disconnect from the internet โ€” turn off Wi-Fi or unplug ethernet now
  2. Do not log in to anything on that device
  3. From a different device, change your email password immediately and enable 2FA
  4. Change passwords for any other accounts that use the same password
  5. Call your IT department or TechShield immediately: (470) 210-1470
  6. Run a full malware scan once you are back online under IT guidance

If You Entered Your Password or Financial Info

  1. Change the compromised password immediately (from a clean device)
  2. If financial information was entered, call your bank's fraud line right away
  3. Place a fraud alert with the credit bureaus if personal info (SSN, DOB) was shared
  4. Report to the FBI Internet Crime Complaint Center: ic3.gov

Training Your Team

One click by one employee can compromise your entire company. Regular phishing simulation training (e.g., KnowBe4) dramatically reduces click rates. TechShield can help set this up for your organisation.

๐Ÿ’ก Suspect a phishing attack on your business? Call us immediately at (470) 210-1470 or open an urgent ticket.
โ† Back to Knowledge Base
๐ŸŽซ Still need help? Open a Ticket
๐Ÿ–ฅ๏ธ
Need live help?

Connect with a technician in under 2 minutes.

Start Remote Session โ†’ Submit a Ticket
๐Ÿ’ฌ Chat with Us