How to recognize a phishing attempt

Phishing is a form of attack in which attackers falsely pose as a trusted person or organization in order to trick you into opening a sent link, downloading/opening a file, or revealing sensitive information (passwords, payment information, personal information).

 

 

Warning signs – quick checklist

 

• An unexpected message asking you for information or to perform some action (resetting your password, additional information for delivery purposes, suspending or terminating your account, etc.)
• Suspicious sender information – the display name may look correct, but the email domain is incorrect or intentionally misspelled
• An urgent or threatening tone (e.g., “immediate action required,” “account will be closed,” etc.)
• Offers that are too good to be true – alleged rewards, refunds, or “exclusive” benefits
• Requests for confidential information (passwords, one-time codes, bank details, copies of documents)
• Unexpected links or attachments – especially if you weren’t expecting them
• Link mismatch – the text shows one website, but the actual destination is different (check carefully for any characters swapped, e.g., “linkedIn.com” versus “linkedln.com”)
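
The link-mismatch and swapped-character checks from the list above can be automated for HTML messages. The following is an added example, not part of the original page; the trusted-domain list, the sample message and all function names are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: hypothetical allow-list of domains your organization expects.
TRUSTED = {"linkedin.com", "example-bank.com"}
# Characters often swapped in lookalike domains (l/I/1, 0/o); "rn" imitates "m".
CONFUSABLE = str.maketrans({"l": "i", "1": "i", "0": "o"})
DOMAIN_RE = re.compile(r"^(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})(?:[/:?#]\S*)?$", re.I)
# Constructed sample message body, not taken from a real email.
SAMPLE = ('<a href="https://www.linkedln.com/login">www.linkedIn.com</a>'
          '<a href="https://www.linkedin.com/help">Help center</a>'
          '<a href="http://parcel-tracking.example/pay">https://www.linkedin.com/feed</a>')

class LinkCollector(HTMLParser):  # collects (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def skeleton(domain):
    return domain.replace("rn", "m").translate(CONFUSABLE)

def findings_for(href, text):
    dest = (urlsplit(href).hostname or "").lower()
    m = DOMAIN_RE.match(text)
    shown = m.group(1).lower() if m else ""   # set only when the text looks like a domain
    out = []
    if shown and dest and shown.removeprefix("www.") != dest.removeprefix("www."):
        out.append("link-mismatch")           # text shows one site, href goes elsewhere
    trusted = any(dest == t or dest.endswith("." + t) for t in TRUSTED)
    base = ".".join(dest.split(".")[-2:])     # approximation: last two labels
    if dest and not trusted and any(skeleton(base) == skeleton(t) for t in TRUSTED):
        out.append("lookalike-domain")        # differs from a trusted name only by swapped characters
    return out

def check_links(html):
    parser = LinkCollector()
    parser.feed(html)
    return [(href, text, findings_for(href, text)) for href, text in parser.links]
```

Calling `check_links(SAMPLE)` returns one `(href, text, findings)` tuple per link; an empty findings list means neither check fired, not that the link is safe.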

 

What to do if you suspect phishing

 

• Stop and check. If the message claims to be from a bank, delivery service, IT department, etc., open a new browser window and access the official website yourself (do not use a link in the email).
• Check the sender and destination. In the email, expand the sender details, and hover over the link to see the actual destination.
• Verify the authenticity of the message through another channel. Use a phone number from the official website, a verified support page, or contact a known person directly.
• Report the message. Use the “Report Phishing” option in your email application or forward the message to your company’s IT department.
• Delete the message after reporting it to your department (or move it to your spam folder, as directed by your organization).
• Do not open unknown links or unexpected attachments.
• Do not respond by sending passwords, one-time codes, or payment information.

 

If you have already opened the link or disclosed information

 

• Change your password immediately (especially for the affected account), and change the password on any other accounts where you used the same or a similar password
• Turn on multi-factor authentication (MFA), if available
• Contact support/security to check for suspicious logins and protect your account
• Be wary of follow-up scams (attackers often try to re-establish contact via new messages or phone calls).

 
