If you have not opened it, delete it from your inbox and email recycle bin.

No, we have no incident of any malware being attached with this message.

If you have opened the malicious email message and DID NOT provide your user name and password, then it is not impersonating you or replicating messages from your email. Your account is safe, please delete the message.

If you clicked the link in the phishing message and entered your user name and password, the attacker has your email credentials and they will impersonate you to send out messages.

Change your email password immediately.

Engage your onsite IT support.

Inform your contacts about this phishing attack so they can take measures to safeguard themselves.

Check for any inbox rules the attacker may have set up on your account. Your on-site IT support will be able to assist with this

Phishing emails try to trick people into providing login credentials to an attacker. The attacker will use these credentials to send more phishing emails, or use the credentials to log into other related systems for other malicious activities (data theft, ransomware, etc.)

If you received the email in your work email, your organizations information security department may want to know about it. Check with your manager if you’re unsure.

If you received the email on your personal account, you probably don’t need to report it.