An employee receives an email that appears to be from their company's technical support, requesting confirmation of the employee's username and password for a system update via a provided link. What should be the employee's best course of action?
Follow the link in the email to avoid potential update delays.
Distribute the email to coworkers to check if it was also sent to them.
Reply to the email to confirm the authenticity of the request.
Inform the company's security team about the email and refrain from clicking the link.
The employee should recognize this as a potential phishing attack, a form of social engineering. The best course of action is to report the suspicious email to the company's security team and refrain from clicking any links or replying. This allows the security team to investigate, block the malicious source, and alert other employees if necessary. Replying to the email could confirm to attackers that the email address is active, following the link could lead to credential theft or malware infection, and forwarding the email to coworkers could inadvertently spread the phishing attempt.