Kingston Police are letting local residents know that learning how to handle suspicious emails is essential to keep businesses or organizations safe from cybercriminals. If a person does not correctly handle a suspicious email, they could fall victim to a phishing attack.

Local police offer tips to help deal with these difficult and potentially dangerous situations.

Do not reply to the Email:

"If you receive a suspicious email that appears to come from someone you know, you may be tempted to reply to the email to learn more. However, if you reply to the email, you may increase the security risk. If an email account has been compromised, the person who replies back to you probably won't be who you expect. You could actually be communicating with a cybercriminal," Police explained.

Do not forward the Email:

Police say that "The best practice is to never click a link or open an attachment that you were not expecting. However, if you are fooled by a phishing email and you click a malicious link or open a malicious attachment, you may find that the link or attachment will not behave as expected. For example, if you open a suspicious image attachment, the file may actually open an installation window. Or, if you click a malicious link, the link may redirect you to a fake login page."

They continue explaining that "If the link or attachment is suspicious, you may think about forwarding the email to a coworker for help. However, forwarding the email to a coworker could increase the risk. If you click on a link or open an attachment, consider any unusual behaviour as a red flag. Never forward unusual or suspicious emails to other users. If you forward a phishing email, you increase the risk of a security breach because your coworker may click the phishing link as well."

Do not mark the Email as Spam:

Spam emails are typically unwanted advertisements. While spam emails may be annoying, they are usually harmless. However, police explain that "a phishing attack is a malicious email designed to look like a legitimate message. Phishing emails typically include a call to action, such as clicking a link, opening an attachment, or even transferring money."

"If you mark a suspicious email as spam, the email will be moved to a different folder along with any other emails from the same sender. So, if you move the suspicious email to a spam folder, the email will be hidden. However, the problem will not be resolved," says Police.

Finally, Police offer the following general tips for safety:

The best way to handle a suspicious email is to report the email to the business or organization. If a person reports the email, someone from the local IT team can assess and mitigate the threat.

When a person receives a suspicious email, it is suggested they follow the tips below to stay safe:

- Be sure to follow your organization's process for reporting suspicious emails

- If you do not know how to report the email, leave the email in your inbox and ask a manager or supervisor for help.

- If you are not sure whether an email is spam or a phishing attack, report the email and have your IT team handle the situation.

With files by CFRA's Connor Ray

