Email Security Checklist

Use this checklist before interacting with any unexpected or suspicious email.

  • Does the sender address match the organization it claims to represent?
  • Is the message creating urgency or pressuring quick action?
  • Do links preview to unfamiliar or misspelled domains?
  • Are there unexpected attachments, especially compressed files or documents requesting macros?
  • Is the greeting generic rather than personalized?

Securing Your Email Account

  1. Enable two-factor authentication on your email provider.
  2. Use a strong, unique password managed by a password manager.
  3. Review connected apps and third-party access periodically.
  4. Set up recovery options (phone number, backup email) in case of lockout.

Your email account often controls password resets for many other services — securing it should be a top priority.

Reporting Suspicious Emails

Most email providers include a "Report phishing" option. Reporting helps improve spam filters and protects other users from the same campaign.