Official template

Phishing email detection

by @Admin
Security & emergency preparedness

How do I spot a phishing email and what should I do if I clicked a bad link?

Project plan

13 tasks
1.

Why: To prevent malware from communicating with the attacker's server or spreading to other devices on your network.

How:

  • Turn off Wi-Fi via the system tray or menu bar.
  • Unplug the Ethernet cable if using a wired connection.
  • Keep the device offline until a full security scan is completed.

Done when: The device has no active network connection.

2.

Why: If you entered credentials on a fake site, the attacker now has them; changing them immediately makes the stolen password useless.

How:

  • Use a different, uncompromised device (like your phone or a different laptop).
  • Prioritize your email account, banking apps, and password manager.
  • Create unique, complex passwords (at least 16 characters).
  • Also use the account's 'sign out of all devices' or 'revoke sessions' option: an attacker who has already logged in keeps that session until it is revoked, even after the password changes.

Done when: Passwords for primary accounts are updated and unique, and existing sessions have been signed out.

3.

Why: Phishing links often trigger 'drive-by downloads' that install spyware or keyloggers without your knowledge.

How:

  • Use a reputable scanner like the built-in Microsoft Defender or a free tool like Malwarebytes.
  • Select 'Full Scan' or 'Deep Scan' rather than a quick scan.
  • Quarantine or delete any threats identified by the software.

Done when: The scan completes with a 'No threats found' result. A clean scan does not prove the device is clean, so if you typed in credentials, still complete the password change.

4.

Why: Reporting helps providers block the malicious domain and protects others from the same scam.

How:

  • In Gmail: Click the three dots next to 'Reply' and select 'Report phishing'.
  • In Outlook: Use the 'Report Message' button (or the built-in 'Report' button in newer versions) in the ribbon and select 'Phishing'.
  • If financial info was shared, call your bank's fraud department immediately.

Done when: The email is reported and the bank is notified if necessary.

5.

Why: Attackers use 'display names' to mimic trusted brands, but the underlying email address often reveals the fraud.

How:

  • Hover over or click the sender's name to see the full address (e.g., support@amaz0n-security.com).
  • Look for character substitutions (e.g., '0' instead of 'o', or 'rn' instead of 'm').
  • Verify that the domain matches the official website of the company. Read the domain from the right: the part just before the top-level domain is what counts, so 'amazon.com.example.net' belongs to example.net, not to Amazon.

Done when: You have verified the sender's domain against the official company site.

6.

Why: Hyperlinks can be labeled as 'Click Here' or 'Verify Account' while pointing to a completely different malicious URL.

How:

  • Place your mouse cursor over the link without clicking.
  • Look at the status bar in the bottom-left corner of your browser or email client to see the real URL. On a phone, long-press the link to preview its destination instead.
  • Be wary of URL shorteners (bit.ly, tinyurl) in unexpected official emails, as they hide the real destination.

Done when: You can identify a mismatch between link text and destination.
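As an added example (not part of the original checklist), the following Python script applies the sender check from task 5 and the link checks from task 6 to a saved email (.eml). It flags look-alike domains built from character substitutions, URL shorteners, and anchor text that shows one address while linking to another. The sample message, the brand list, the shortener list and the confusable table are constructed for illustration and are assumptions, not data from the page.

```python
"""Triage a saved email for the sender and link red flags in tasks 5 and 6.
Added example, not part of the original checklist; the message, brand list,
shortener list and confusable table below are constructed for illustration."""
import email
import re
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Brands we expect mail from, mapped from their real registrable domain to a
# keyword that a look-alike would contain (assumed list, extend as needed).
KNOWN_BRANDS = {"amazon.com": "amazon", "microsoft.com": "microsoft"}
# URL shorteners that hide the real destination (assumed list).
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl"}
# Substitutions attackers use in look-alike domains ('rn' for 'm', '0' for 'o').
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e")]
# Anchor text that itself looks like a URL; group 1 is the hostname it shows.
URL_TEXT = re.compile(r"^(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", re.I)

# Constructed sample message; all domains are fictitious.
SAMPLE_EML = """\
From: "Amazon Security" <support@amaz0n-security.com>
To: victim@example.com
Subject: Verify your account
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Please <a href="http://rnicrosoft-login.example.net/verify">verify your Amazon account</a>.</p>
<p>Or visit <a href="https://bit.ly/3abcd">https://www.amazon.com/security</a> now.</p>
</body></html>
"""

def normalize(host):
    """Undo common confusable substitutions so 'amaz0n' compares equal to 'amazon'."""
    host = host.lower()
    for fake, real in CONFUSABLES:
        host = host.replace(fake, real)
    return host

def registrable_domain(host):
    """Last two labels of a hostname. Simplification: without the Public Suffix
    List, 'shop.example.co.uk' would be cut to 'co.uk'."""
    return ".".join(host.lower().split(".")[-2:])

def lookalike_brand(host):
    """Return the brand a hostname imitates, or None if it is that brand's own domain."""
    norm = normalize(host)
    for real_domain, brand in KNOWN_BRANDS.items():
        if brand in norm and registrable_domain(norm) != real_domain:
            return brand
    return None

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def triage(raw):
    """Return (flag, detail) pairs for the sender address and every link in the body."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    # Task 5: the display name is cosmetic; judge the domain after the '@'.
    name, addr = parseaddr(str(msg["From"]))
    brand = lookalike_brand(addr.rpartition("@")[2])
    if brand:
        findings.append(("sender-lookalike", f"{name!r} <{addr}> imitates {brand}"))
    body = msg.get_body(preferencelist=("html",))
    if body is None:
        return findings
    collector = LinkCollector()
    collector.feed(body.get_content())
    for href, text in collector.links:
        host = (urlparse(href).hostname or "").lower()
        if host in SHORTENERS:
            findings.append(("shortener", href))
        brand = lookalike_brand(host)
        if brand:
            findings.append(("link-lookalike", f"{href} imitates {brand}"))
        # Task 6: anchor text that shows a URL must lead to that URL's domain.
        shown = URL_TEXT.match(text)
        if shown and registrable_domain(shown.group(1)) != registrable_domain(host):
            findings.append(("text-mismatch", f"text says {shown.group(1)}, link goes to {host}"))
    return findings

if __name__ == "__main__":
    for flag, detail in triage(SAMPLE_EML):
        print(f"[{flag}] {detail}")
```

Run it against the constructed message and it reports the look-alike sender, the 'rn' for 'm' substitution in the first link, the shortener, and the anchor text that claims amazon.com while pointing at bit.ly. To use it on a real message, save the email as .eml from your mail client and pass the file contents to triage(); the brand and shortener lists are deliberately small and should be extended for the brands you actually receive mail from.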

7.

Why: Attackers increasingly use AI tools to scrape your social media and craft highly convincing, personalized lures.

How:

  • Be suspicious of emails referencing specific recent events (vacations, projects) from people you don't know well.
  • Check for 'uncanny' perfection in tone that doesn't match the sender's usual style.
  • Trust your gut: if a request for data feels 'off' despite looking perfect, it likely is.

Done when: You have reviewed your recent emails for suspicious personalization.

8.

Why: Attackers use QR codes to bypass traditional email filters that scan for malicious text links: the URL is hidden inside an image, so the filter never sees it.

How:

  • Never scan a QR code in an email that asks you to 'login' or 'update payment'.
  • If you must scan, use a QR scanner app that previews the URL before opening it.
  • Treat unsolicited QR codes with the same suspicion as unsolicited attachments.

Done when: You treat any QR code in an unsolicited email as a potential threat and do not scan it.

9.

Why: MFA means a stolen password alone is not enough to sign in. Be aware that a one-time code can still be phished by a fake site that relays it to the real site in real time; passkeys and hardware security keys are bound to the genuine domain and resist this.

How:

  • Go to account security settings for Google, Microsoft, and Banking.
  • Where offered, choose passkeys or a hardware security key; otherwise choose app-based authenticators (like Aegis or Microsoft Authenticator) over SMS.
  • Save your 'Backup Codes' in a secure physical location.

Done when: MFA is active on all primary personal and financial accounts.

10.

Why: Password managers help prevent you from entering credentials on fake sites because they only 'auto-fill' on the domain where the login was saved.

How:

  • Set up a reputable manager like Bitwarden (open-source) or KeePassXC.
  • Import your existing passwords and begin changing weak/reused ones.
  • Use the browser extension and let it fill logins for you; if it does not offer to fill on a login page, treat that as a warning that the site is not the one you saved.

Done when: A password manager is installed and managing at least 5 core accounts.

11.

Why: Phishing links often lead to pages that exploit known, already-patched vulnerabilities in outdated browsers and software to install malware automatically; installing updates closes those holes.

How:

  • Windows: Go to Settings > Windows Update > Check for updates.
  • Chrome/Edge: Go to Settings > About Chrome (or About Microsoft Edge); the browser checks for updates when the page opens and asks you to relaunch.
  • Enable 'Automatic Updates' to ensure you receive security patches promptly.

Done when: All system and browser software is running the latest version.

12.

Why: Regular reviews catch unauthorized access or forgotten security gaps before they become disasters.

How:

  • Set a recurring calendar invite for the 1st of every month.
  • Review 'Login Activity' or 'Recent Devices' in your Google/Microsoft accounts.
  • Check your bank statements for small, unrecognized 'test' transactions.

Done when: A recurring monthly reminder is set in your calendar.

13.

Why: If an email from a 'friend' or 'boss' asks for money or data, verifying via a different app prevents impersonation fraud.

How:

  • If you get a suspicious email, do NOT reply to it.
  • Call the person, text them, or use a separate chat app (Signal/Teams) to ask: 'Did you just send this?'.
  • Use official phone numbers from the company's website, not numbers provided in the email.

Done when: You have successfully verified one request using a secondary channel.
