Cybersecurity Awareneness

The email's sender is NOT related to your organization. The hyperlink included in the message shows a site that does not belong to your organization. These two clues indicate that this is a phishing attempt.

If you follow the instructions given and fill out the form, you will be disclosing information, such as your user ID and password, to a cybercriminal.

The salutation is generic. A government revenue agency would never provide specific information, such as a refund amount, in an email.

In addition, the domain name in the URL at the bottom of the message is different than the sender's name, and no additional contact information was provided.

You cannot tell where the "click here" link will take you, unless you hover over the link with your mouse.

Also, lookout for spelling errors.

Attachments should be treated with caution—even from known senders—because accounts can be hacked and files may contain malware. Always verify unexpected attachments before opening.

This option describes malicious software that encrypts data and demands payment to provide the decryption key, matching the scenario.

In a ransomware attack, criminals typically spread malware via email attachments, compromised websites, or vulnerable remote access tools. Once executed, the malware silently encrypts files across the system or network and then displays a ransom note, usually demanding payment in cryptocurrency because it is harder to trace. The victims may face downtime, data loss, and reputational damage.

Good defenses include regular offline backups, patching systems, using endpoint protection, and training staff not to open suspicious attachments or links.

The safest action is to not engage with the suspicious email. You should verify its authenticity through official channels and immediately report it so security professionals can investigate.