Emotional Manipulation is a Phisher’s Best Friend

“I need copies of all our employees’ W-2 forms as soon as possible”

“Your computer has been infected with a virus – click here to contact Microsoft!”

“Your important package was not delivered – click here to resolve this issue”

“The attached invoice is overdue and must be paid immediately”

“I need you to transfer $50,000 to this bank account right away.”

Did you get an adrenaline rush just reading those sentences? That’s the response a cybercriminal wants you to have – the feeling that you must take action immediately to resolve a critical problem.

Instead, stop and think before you take action.

When you feel that overwhelming emotional response, that should be your first clue to slow down and ask important questions.

• Do you know the sender?
• Does the request make sense?
• Is the sender’s email address correct?
• Does the request make sense coming from the sender?
• Does this sender normally ask for things like this?

If you have any uneasiness at all, contact the sender. Pick up the phone, send a separate email (not a reply to the request), or verify the request in some completely independent way. If it’s a valid request, you’ll have verification and can respond in a timely manner. And if it’s not valid, you’ll be glad you checked!