Phish bait

Are you sure the urgent email you just received from Human Resources requesting your employee ID number was legitimate?

Cybercriminals know that office workers receive an average of 100 emails a day. The more emails people receive, the more they let down their guard, creating opportunities for phishing attacks.

Phishing involves fraudulent emails that appear to be from a financial institution, business or government agency, but actually are designed to con users into revealing online passwords and other personal information.

To protect yourself — and the Postal Service — the CyberSafe at USPS team offers the following tips:

• Verify the sender: If the email is from an “[EXTERNAL]” address, proceed with extra caution.

• Slow down: Pause and evaluate messages before acting. Be wary of “urgent” requests.

• Spell check: Spelling and grammar mistakes often indicate a phishing attempt.

• Beware of attachments: Don’t open or click anything attached to a suspicious email.

• Hover, but don’t click: To ensure hyperlinks are accurate, hover your mouse over the link.

If you think you’ve received a phishing email, let USPS know by selecting the suspicious message in your inbox and clicking the “Report to CyberSafe” button on the top right side of the Outlook toolbar.

If the email is already open, the button will appear in the email toolbar as well.

If you don’t see the button on your Outlook toolbar, you can install it. The USPS ServiceNow website has instructions.

The CyberSafe at USPS Blue and LiteBlue pages have additional information.