Quote Originally Posted by Carlos Martin View Post
So, we are not supposed to click on the links sent via email? and, how can we recognize whether it's a means of spear phishing or actually send by authorized destination?
There's a few ways you can check whether its spear phishing or an authorized email!

- First, without clicking the email you can verify the sender's email to see if they are who they claim to be. I use gmail on my Mac and I can hover over the name of an unopened email and see the sender's email.
- Then you'll want to verify the sender's email is who they are claiming to be (ie. make sure the email matches up exactly to your executive or your bank's email). Sometimes spear phishing email addresses can have slight differences in spelling or punctuation from the authorized email address.
- If you do open the email, you can also hover over the links in the email to see a preview of the URL (mine shows up on the bottom left of my screen). If the links do not look exactly what they claim to be (again checking spelling and punctuation), it's def not safe.