If you receive a phishing email, it can be a bit scary. Fortunately, nothing infects your computer if you don’t click any links or respond. Here’s what to do (and what not to do) if you receive a phishing email.
In a phishing email, the sender tries to get you to click a link or provide personal information, like bank details or passwords. They are a conventional social engineering attack. We’ve explained in detail how phishing emails work, which is worth a read if you’re unfamiliar with them or don’t know how to spot one.
But what should you do if you receive a phishing email?
Don’t Panic and Don’t Click Any Links
When you get a suspected phishing email, don’t panic. Modern email clients, like Outlook, Gmail, and Apple Mail, do a great job of filtering out emails that contain malicious code or attachments. Just because a phishing email lands in your inbox, it doesn’t mean your computer is infected with a virus or malware.
It’s perfectly safe to open an email (and use the preview panel). Mail clients haven’t allowed code to run when you open (or preview) an email for a decade or more.
Phishing emails are a genuine security risk, though. You should never click a link in an email or open an attachment to one unless you are 100 percent confident you know and trust the sender. You should also never reply to the sender—even to tell them not to send you any further mail.
Phishers might send emails to thousands of addresses every day, and if you reply to one of their messages, it confirms your email address is live. This makes you even more of a target. Once the phisher knows you’re reading his emails, he’ll send more attempts and hope one of them works.
So to be clear: Don’t click any links, don’t open any attachments, and don’t reply.
