🛑 What to Do If You Suspect a Phishing Email

Phishing emails are one of the most common — & dangerous — cybersecurity threats to your business. Cybercriminals use them to trick users into clicking malicious links, downloading harmful attachments, or giving up sensitive information. Knowing how to spot & handle a phishing attempt can prevent a major security breach.

‍⚠️ Common Signs of a Phishing Email:
‍Be cautious if you notice any of the following:
• Urgent or threatening tone ("Your account will be suspended!").
• Unexpected attachments or requests to open a file.
• Suspicious links (hover over the link, but do not click, to preview the URL).
• Misspelled words or unusual grammar.
• Generic greetings ("Dear user" instead of your name).
• Requests for sensitive data like passwords, SSNs, or banking info.
• Email appears to come from a vendor or coworker, but the domain looks off (@amaz0n.com, not @amazon.com).

‍🧭 Steps to Take Immediately If you think you’ve received a phishing email:
‍1. Do NOT click on any links or attachments Even if the message looks legitimate — verify first.
‍2. Do NOT reply to the email Phishing attackers often use replies to gather more information or validate your email address.
‍3. Report it to IT or your MSP team immediately If you’re a StumpTown MSP client: Forward the email to: support@stumptownmsp.com Use the subject line: Phishing Email Suspected Include a brief description if you clicked anything
‍4. Delete the email after reporting Once reviewed, delete the message from both your inbox & trash.

‍🛡️ What If You Clicked a Link or Entered Info? Don’t panic — but act fast:
• Disconnect  from the network if possible (turn off Wi-Fi or unplug Ethernet).
• Call our team immediately at 📞 503-735-4774
• Change your password if you entered login credentials.
• Monitor accounts for suspicious activity. We'll help you assess risk, isolate affected systems, & run malware or forensic scans if needed.

‍📚 How to Prevent Future Phishing Risks:
• Enable MFA (Multi-Factor Authentication) everywhere.
• Use  a password manager to avoid reusing credentials.
• Verify suspicious messages through another channel (phone, text).
• Regularly train employees on how to recognize phishing threats.
• Contact StumpTown MSP for Security Awareness Training (SAT) & phishing simulations.

‍🧩 We’re Here to Help Your security is our priority. If you’re unsure about any message — ask us first.

💬Still Having Trouble? Submit a ticket or Let’s Connect! for Help:
‍🛟 Open a Support Ticket
‍📬 Email support@stumptownmsp.com
📞Call 503-735-4774
🕒Support Hours: Monday – Friday, 9:00 AM - 5:00 PM PT
🗓️Book your Free Network Security Assessment