In a previous livestream, we simulated a successful phishing attack where we sent an email that looked exactly like one you could get from Office 365. In this video, we will show you the red flags you should look out for to prevent you from giving your password to malicious sources.

Red flag number one: look closely at the sending address. I never received an email from this address before, and it seems a bit strange that I wasn't notified ahead of time by my IT administrators. Since this email directly references my IT administrators, I should confirm with them first before clicking on any links in this email.

Red flag number two: if you are familiar with the sender's address, take a close look at any misspellings of the domain or extra characters, such as support@protected.trusts.com instead of support@protectedtrusts.com.

Red flag number three: attackers love using language that prompts users to take action right away. In this case, we see it used three times. Any email verbiage that creates a sense of urgency should be treated suspiciously. It is the attacker's intent that your initial panic will cause you to try to resolve the issue quickly and without thinking.

Red flag number four: when I hover my mouse over the "click here" link, I see the actual URL has nothing to do with Office 365. Never click the link if you are unsure. You can always manually type in the URL you know to be true in your web browser instead of taking the "click here" shortcut. In this case, we would go to portal.office.com to check.

Red flag number five: if you are a more technical user, checking the message headers of this email indicates that the IP address the message originated from is not one used by Office 365 or our company.

If you do get fooled into clicking the link, there are still several red flags to look out for before giving out your login credentials.

Red flag number six: the URL for this landing page has nothing to do with Office 365. Be careful, though: in a real phishing attempt, the agent will use a URL that looks close to the real thing.

Red flag number seven: this login page for Office 365 is out of date. As of 2018, the current login page looks like this. Similar to our tip on red flag number four, manually type in the URL you know to be true if you think the page is suspicious.

Red flag number eight: your web browser is smart. Look for the secure label and lock icon by the URL. These will usually appear in green when the website is legitimate. Here is the fake website again. Notice there is no secure label and the lock icon has a red line through it. Also, when I go to enter in my login credentials, my browser gives me a final warning telling me the connection is not secure and there is a strong possibility my login information could be compromised.

Finally, red flag number nine: let's say you fall for both the email and the landing page and you end up entering in your email address and password. Even though you already entered in your password, the page redirects to another sign-in page. Sometimes the page will stay the same, but the URL has changed. With no indication of my password or username being incorrect, you should know by this point that something is fishy. If you get to this point, it is likely you have just given your login credentials to the phishing agent. It may not be too late, though. If you notice this right away, you can still change your password before the phishing agent has a chance to log in with the credentials you just provided. It is still a good idea to contact your IT department to confirm that your account or your machine has not been compromised.
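
Red flags two and four (a sender domain that imitates a familiar one, and a link whose real target is unrelated to the service it claims) can also be checked mechanically on the mail-filtering side. The Python below is an added example, not part of the video; the trusted-domain list, the 0.9 similarity threshold, and the sample message with its `login-update.example` link are assumptions constructed for illustration.

```python
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains this organisation expects mail and sign-in links from.
TRUSTED = ("protectedtrusts.com", "office.com")

def skeleton(domain):
    # Keep letters and digits only, so protected.trusts.com == protectedtrusts.com.
    return "".join(c for c in domain.lower() if c.isalnum())

def is_trusted(host):
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def lookalike_of(host):
    # Trusted domain that an untrusted host imitates, or None.
    if is_trusted(host):
        return None
    score = lambda d: SequenceMatcher(None, skeleton(host), skeleton(d)).ratio()
    return next((d for d in TRUSTED if score(d) >= 0.9), None)

class _Links(HTMLParser):
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hosts.append(urlsplit(href).hostname or "")

def red_flags(raw_email):
    msg = message_from_string(raw_email)
    findings = []
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if imitated := lookalike_of(sender):           # red flag two
        findings.append(("lookalike-sender", sender, imitated))
    links = _Links()
    links.hosts = []
    links.feed(msg.get_payload())
    for host in links.hosts:                       # red flag four
        if not is_trusted(host):
            findings.append(("link-off-domain", host, lookalike_of(host)))
    return findings

# Constructed sample message (not taken from the video).
SAMPLE = '''From: "Office 365 Support" <support@protected.trusts.com>

<a href="http://login-update.example/o365">Click here</a> to keep your mailbox.
'''
```

Calling `red_flags(SAMPLE)` reports the sender as a lookalike of `protectedtrusts.com` and the link as pointing outside the trusted domains.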