“I need copies of all our employees’ W-2 forms as soon as possible”
“Your computer has been infected with a virus – click here to contact Microsoft!”
“Your important package was not delivered – click here to resolve this issue”
“The attached invoice is overdue and must be paid immediately”
“I need you to transfer $50,000 to this bank account right away.”
Did you get an adrenaline rush just reading those sentences? That’s the response a cybercriminal wants you to have – the feeling that you must take action immediately to resolve a critical problem.
Instead, stop and think before you take action.
When you feel that overwhelming emotional response, that should be your first clue to slow down and ask important questions.
- Do you know the sender?
- Does the request make sense?
- Is the sender’s email address correct?
- Does the request make sense coming from the sender?
- Does this sender normally ask for things like this?
If you have any uneasiness at all, contact the sender. Pick up the phone, send a separate email (not a reply to the request), or verify the request in some completely independent way. If it’s a valid request, you’ll have verification and can respond in a timely manner. And if it’s not valid, you’ll be glad you checked!