You've learned how to recognize phishing emails and habits that will help you avoid a phishing attack. It's also important to prepare for the worst. If you receive a suspicious email, your response is important and should include steps to limit the damage, and prevent the spread of the attack:
- Don’t panic!
- Report it internally. If you have a security or IT department, report it to them. This can help keep your organization aware of any security threats or scammers targeting you. Letting your colleagues know can help them from being tricked by the same or a similar attack.
- If your email provider lets you report phishing, do so. This can help them block phishing emails before they get to you. For example, Gmail has a “report phishing” option under the “three dots (more)” button at the top of an email.
- If you clicked a link on your computer, get the computer checked by a professional.
- If you logged into an account using a link in the suspicious email, change your password immediately. If the website has an option to force other sessions to log out, do that and log back in on your other devices. It’s a pain, but it can help you force out a phisher who’s gained access to your account. Don’t wait! Do this immediately when you realize what has happened.
- Get professional help. For assistance with this, reach out to Campaign Helpdesk.
- If the phishing attempt was targeted to your campaign account, or to the personal account of a campaign staff person, follow appropriate procedures for reporting the phishing email to authorities and your local election commission. If you are unsure of what the procedures are, contact Campaign Helpdesk, or your local party officials.
Want to know more? Sign up for a training on phishing.