--000000000000d0c68106249bafcc Content-Type: multipart/alternative; boundary="000000000000d0c67f06249bafcb" --000000000000d0c67f06249bafcb Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable [image: image] Stay Vigilant: Protect Yourself from AI-Enhanced Phishing with S-H-I-E-L-D Hello Team, Reports of AI-assisted phishing attempts are on the rise, particularly targeting platforms like Gmail. You may have read some articles reporting the increased instances of AI assisted complex phishing attempts on users of Gmail (for reference here ). These sophisticated attacks make it more important than ever to stay alert when reviewing emails and texts. At TheKey, we are continually improving our security measures, but you are our first line of defense. Stay Safe with S-H-I-E-L-D: S =E2=80=93 Scrutinize the Sender Check if the sender=E2=80=99s domain (e.g., thekey.com) is correct. Phishin= g emails often contain small, sneaky alterations in domain names. H =E2=80=93 Heed Typos and Errors Watch for spelling mistakes, extra spaces, or odd capitalization=E2=80=94sm= all but telling signs of phishing attempts. I =E2=80=93 Investigate Before Sharing Never share sensitive information through email without confirming the message is legitimate. Contact the sender using a previously known address or phone number to verify authenticity. E =E2=80=93 Examine Links and Attachments Hover over URLs and attachments to reveal their true destination. If something looks suspicious, don=E2=80=99t click it. L =E2=80=93 Look for Urgency or Scare Tactics Be cautious of messages that demand immediate action or threaten negative consequences=E2=80=94common tactics used by attackers. D =E2=80=93 Double-Check and Report Review your accounts regularly for unauthorized activity. If you receive unexpected shared documents, don=E2=80=99t open them unless you recognize t= he sender. If you=E2=80=99re unsure whether an email is legitimate, use the Phishing b= utton in Gmail or send the email to itsecurity@thekey.com for review. Types of Phishing Attacks to Watch For: - Phishing: Attackers impersonate a legitimate company and request your login credentials through a fake link or login page. - Spear Phishing: A more targeted attack that uses personal information (like your name or phone number) to appear legitimate. These messages ma= y reference TheKey to make them seem trustworthy. - Whaling: Attackers impersonate senior executives (e.g., CEO or CFO) to request money transfers, gift cards, or sensitive data. These emails oft= en look authentic but come from slightly altered domains. - Shared Document Phishing: You may receive fake alerts from services like Dropbox or Google Drive, prompting you to open a document via a link. Th= ese links often lead to a fake login page designed to steal your credentials= . Throughout Cyber Awareness Month (October), we=E2=80=99ll send helpful tips= to further prepare you to recognize and avoid phishing attacks. Thank you