BRITECITY Report EmailReport a Suspicious Email

BRITECITY
Don’t Take the
Bait.Phishing Awareness Training · Protecting Your Business
Make IT Easy
Today’s Agenda
What we’ll cover01The Phishing ThreatWhat it is, why it works, and how attackers think
02Common Scam TypesBEC, spear phishing, smishing, vishing, and more
03Red Flags to SpotHow to read an email like a security pro
04Best PracticesHabits that stop attacks before they start
05If You're TargetedWhat to do — and what NOT to do
The Threat
What is phishing?Phishing is a cyberattack where criminals impersonate trusted sources to steal credentials, money, or data. It works because it exploits human behavior — not just technology.
Why it worksAttackers create urgency, impersonate authority figures, and exploit trust. Your brain is wired to respond to these triggers — and attackers know it.
Common hooks: password reset required, invoice overdue, package undeliverable, account suspended, unusual sign-in detected.
91%
of breaches start with
a phishing email
Technology alone can’t stop phishing. Awareness is your strongest defense.
Common Scam Types
Know your enemyEMAIL PHISHING
Mass-sent emails impersonating banks, vendors, Microsoft, or IT. Low personalization, high volume.
SPEAR PHISHING
Targeted attack using your name, role, or company. Much harder to spot. Often impersonates your CEO or IT.
BUSINESS EMAIL COMPROMISE
Attacker hijacks or spoofs a real email thread. Targets finance teams with fake wire transfer or invoice requests.
SMISHING
Phishing via text message. Fake shipping alerts, bank OTPs, HR notices. Tap = compromise.
VISHING
Phone-based attack. Caller claims to be IT support, IRS, or your bank. Designed to create panic and urgency.
WHALING
Highly targeted phishing aimed at executives (CEO, CFO). Higher stakes, more sophisticated, often involves wire transfers.
Red Flags
Anatomy of a phishing emailFromsupport@microsofft-help.com
Toyou@yourcompany.com
Subject⚠ Urgent: Your account will be suspended in 24hrs
DateToday 11:47 PM
Dear Valued Customer,
Your account has been flagged for unusual activity. You must verify your identity immediately or your account will be permanently deleted.
[Click Here to Verify Now]
1.Misspelled domain
2.Sent late at night
3.Creates urgency / fear
4.Generic greeting
5.Suspicious link
If anything feels off — it probably is.
Real-World Scams
The scams most likely to hit your businessFake Invoice / Wire TransferAttacker poses as a vendor or exec and requests an urgent payment change. Finance receives a nearly identical email domain. Funds are wired before anyone checks.
IT Support Impersonation"Your account shows a security breach — please click this link to reset your password immediately." Often spoofs Microsoft, Google, or your IT provider.
Fake DocuSign / Adobe SignA document "requires your signature" via a spoofed link. The sign-in page harvests your Microsoft 365 or Google credentials.
CEO / Executive Fraud"Hey, I'm in a meeting and need you to buy $500 in gift cards and email me the codes. Keep this between us." Targets assistants and finance staff.
Best Practices
Habits that stop attacks cold1Verify before you actGot a wire transfer request? Unusual login link? Call the sender directly using a number you already have — never one in the email.
2Hover before you clickHover over any link to preview the real URL. If the domain doesn't match exactly, don't click.
3Use MFA everywhereMulti-factor authentication stops 99% of credential-based attacks even if your password is stolen.
4Don't bypass IT proceduresUrgency is a manipulation tactic. Legitimate requests follow process. If someone pressures you to skip steps, that's a red flag.
5Report suspicious emailsDon't delete. Don't ignore. Report it to your IT team so patterns can be identified and threats blocked for everyone.
If You’re Targeted
Clicked a link? Entered credentials? Here’s what to do.
DOStay calm — panicking leads to more mistakes
Contact your IT team immediately
Disconnect from the network if malware may have run
Change your password from a clean device
Report the email so IT can trace and block the threat
DON'TDon’t ignore it or hope nothing happens
Don’t try to handle it yourself without IT
Don’t keep using the device until IT clears it
Don’t tell others "it’s fine" — escalate immediately
Don’t be embarrassed — reporting saves your company
Quick Reference
Spot it. Stop it. Report it.
SPOT IT
Sender domain doesn't match exactly
Urgency or fear-based language
Unexpected attachments or links
Generic greeting ("Dear Customer")
Request to bypass normal process
Unusual time sent (late night / weekend)
STOP IT
Don’t click — hover first
Never enter credentials from an email link
Call the sender to verify
Use MFA on every account
Keep software and OS updated
Think before you forward
REPORT IT
Forward to IT team immediately
Use your email client's Report Phishing button
Screenshot + preserve the email
Note time and any actions taken
Change passwords if you clicked
Don’t delete until IT reviews it
BRITECITY
Questions?Your techTEAM is here to help keep you protected.
Report a Suspicious Email
Forward it to your IT team immediately. Don’t delete it. Don’t ignore it.
We’d rather get 10 false alarms than miss one real threat.
When in doubt — reach out.
Make IT Easy
BRITECITY  ·  Phishing Awareness Training · 2025
1 / 10

What is phishing?

Phishing is a cyberattack where criminals impersonate trusted sources to steal credentials, money, or data. It works because it exploits human behavior — not just technology.

Why it works

Attackers create urgency, impersonate authority figures, and exploit trust. Your brain is wired to respond to these triggers — and attackers know it.

Common hooks: password reset required, invoice overdue, package undeliverable, account suspended, unusual sign-in detected.

Technology alone can’t stop phishing. Awareness is your strongest defense.

Know your enemy

EMAIL PHISHING

Mass-sent emails impersonating banks, vendors, Microsoft, or IT. Low personalization, high volume.

SPEAR PHISHING

Targeted attack using your name, role, or company. Much harder to spot. Often impersonates your CEO or IT.

BUSINESS EMAIL COMPROMISE

Attacker hijacks or spoofs a real email thread. Targets finance teams with fake wire transfer or invoice requests.

SMISHING

Phishing via text message. Fake shipping alerts, bank OTPs, HR notices. Tap = compromise.

VISHING

Phone-based attack. Caller claims to be IT support, IRS, or your bank. Designed to create panic and urgency.

WHALING

Highly targeted phishing aimed at executives (CEO, CFO). Higher stakes, more sophisticated, often involves wire transfers.

Anatomy of a phishing email

From: support@microsofft-help.com
To: you@yourcompany.com
Subject: ⚠ Urgent: Your account will be suspended in 24hrs
Date: Today 11:47 PM

Dear Valued Customer,

Your account has been flagged for unusual activity. You must verify your identity immediately or your account will be permanently deleted.

[Click Here to Verify Now]

1.Misspelled domain
2.Sent late at night
3.Creates urgency / fear
4.Generic greeting
5.Suspicious link

If anything feels off — it probably is.

The scams most likely to hit your business

Fake Invoice / Wire Transfer

Attacker poses as a vendor or exec and requests an urgent payment change. Finance receives a nearly identical email domain. Funds are wired before anyone checks.

IT Support Impersonation

"Your account shows a security breach — please click this link to reset your password immediately." Often spoofs Microsoft, Google, or your IT provider.

Fake DocuSign / Adobe Sign

A document "requires your signature" via a spoofed link. The sign-in page harvests your Microsoft 365 or Google credentials.

CEO / Executive Fraud

"Hey, I'm in a meeting and need you to buy $500 in gift cards and email me the codes. Keep this between us." Targets assistants and finance staff.

Habits that stop attacks cold

Verify before you act

Got a wire transfer request? Unusual login link? Call the sender directly using a number you already have — never one in the email.

Hover before you click

Hover over any link to preview the real URL. If the domain doesn't match exactly, don't click.

Use MFA everywhere

Multi-factor authentication stops 99% of credential-based attacks even if your password is stolen.

Don't bypass IT procedures

Urgency is a manipulation tactic. Legitimate requests follow process. If someone pressures you to skip steps, that's a red flag.

Report suspicious emails

Don't delete. Don't ignore. Report it to your IT team so patterns can be identified and threats blocked for everyone.

Clicked a link? Entered credentials? Here’s what to do.

Stay calm — panicking leads to more mistakes
Contact your IT team immediately
Disconnect from the network if malware may have run
Change your password from a clean device
Report the email so IT can trace and block the threat

DON'T

Don’t ignore it or hope nothing happens
Don’t try to handle it yourself without IT
Don’t keep using the device until IT clears it
Don’t tell others "it’s fine" — escalate immediately
Don’t be embarrassed — reporting saves your company

Spot it. Stop it. Report it.

SPOT IT

Sender domain doesn't match exactly
Urgency or fear-based language
Unexpected attachments or links
Generic greeting ("Dear Customer")
Request to bypass normal process
Unusual time sent (late night / weekend)

STOP IT

Don’t click — hover first
Never enter credentials from an email link
Call the sender to verify
Use MFA on every account
Keep software and OS updated
Think before you forward

REPORT IT

Forward to IT team immediately
Use your email client's Report Phishing button
Screenshot + preserve the email
Note time and any actions taken
Change passwords if you clicked
Don’t delete until IT reviews it

Don’t Take theBait.

Don’t Take theBait.

Don’t Take the
Bait.

Don’t Take the
Bait.