Email Security Checklist
Use this checklist before interacting with any unexpected or suspicious email.
- Does the sender address match the organization it claims to represent?
- Is the message creating urgency or pressuring quick action?
- Do links preview to unfamiliar or misspelled domains?
- Are there unexpected attachments, especially compressed files or documents requesting macros?
- Is the greeting generic rather than personalized?
Securing Your Email Account
- Enable two-factor authentication on your email provider.
- Use a strong, unique password managed by a password manager.
- Review connected apps and third-party access periodically.
- Set up recovery options (phone number, backup email) in case of lockout.
Your email account often controls password resets for many other services — securing it should be a top priority.
Reporting Suspicious Emails
Most email providers include a "Report phishing" option. Reporting helps improve spam filters and protects other users from the same campaign.