However, it could be a question you struggle with when deciding what types of email to report to your IT department. Potentially malicious emails make it to your inbox every day, so it’s important for you to understand the difference between a Phishing email and a Spam email.

This Email Seems Phishy

• Phishing is the process of attempting to acquire sensitive information (such as usernames, passwords, and credit card details) by pretending to be a trustworthy entity. Most commonly, phishing emails will try to lure you into clicking on a link or opening an attachment.
• Phishing emails can appear to come from reputable businesses or even departments and users from within your own organization. They often have a sense of urgency to them. Some may even use shock and intimidation to get what they want.
• If you come to the conclusion you've been sent a phishing email, we strongly recommend that you report the email to your IT department for their review.

Spam Alert

Spam is unsolicited, unwanted email typically sent for marketing purposes. It is often trying to sell you something, such as unwanted goods or services – but, it is not asking you to take specific action. Although spam can be annoying, it is common to receive it in your business email. These types of emails do not typically need to be reported unless you believe they pose a threat to your organization. In most cases, spam email can simply be deleted or ignored.

Note: Always follow your organization’s policy regarding what type of email to report in case it differs from the above.

Whether a Phishing email or Spam email, you should always be cautious when clicking on a link or opening an attachment. An email should never be considered safe until it is analyzed carefully. Remember, you’re the last line of defense to prevent a phishing attack on your organization. Always Stop, Look, and Think!