What should you do when you think you are being the victim of a spoofing attack ? Imagine that you receive an email that tells you something supposedly important, such as that a transfer could not be made, that your account has been hacked, or that your domain registration is about to expire. They ask you to act quickly to avoid greater evils .
Although the message seems authentic at first glance , it sounds a bit strange to you. Perhaps the content does not fully match reality or makes you feel too pressured, but you are not sure that it is an attack. What should you do?
First of all, stay calm and don't rush . If the message is an email, don't click on any links in it . Use a second communication channel to check if the message is authentic. At this time, it is essential that you reduce the risk of attack: if possible, use another device and a secure application that you do not use regularly.
Consider these examples:
Suppose you have received a supposedly fake email on your work computer. As a second communication channel, you can use an end-to-end encrypted messaging application on the mobile phone.
You have received a suspicious call or text message on your mobile. You should use that phone with caution and, instead, use the one of the colleague next door to contact someone you trust.