Awareness / Email Phishing Incident Reported

Description

Reporting phishing emails is an important step in keeping yourself and your organization safe from malicious attacks. By reporting phishing emails, users can help to alert their organization and its security team to potential threats and help prevent further attack attempts. Additionally, reporting phishing emails provides organizations with valuable information about the nature of the attack, which can be used to better protect against similar attacks in the future.

Risk

If an user does not report a phishing email, they are putting themselves and their organization at risk. Without the knowledge of a potential threat, the organization's security team will be unable to take proactive steps to protect against further attack attempts, leaving users vulnerable to malicious actors. Additionally, without reporting, organizations are unable to gather the information necessary to identify the nature of the attack, meaning that similar attacks may go undetected and cause further damage.

Solution

The best solution for users to report phishing incidents is to contact their organization's security team or IT department immediately. Organizations typically have a designated team or individual responsible for handling security-related issues. It is important for each organization to establish a process for users to report security incidents. A good error culture is a prerequisite for this.