Every day, cybercriminals use increasingly sophisticated tools to trick people into clicking on harmful links sent by email. Even businesses and government agencies with strong security systems are vulnerable if a single employee unknowingly releases a dangerous message. Here is how easily a moment of trust can lead to serious consequences.
In a recent San Diego case where an organization’s security system correctly flagged and quarantined a phishing email, the email user manually released the bad email because they believed they recognized the sender. This first step put the organization’s information one step closer to being seized.
After opening an encrypted attachment using the password provided in the email, the user clicked a link that prompted them to enter their Microsoft Office 365 login. That login information was captured by a criminal using an AI‑powered phishing tool called EvilTokens. Within minutes, the bad actor used the stolen credentials to send mass emails to the victim’s contacts and beyond.
Incidents like this can happen to anyone. That’s why awareness and prevention are your strongest lines of defense.
Red flags include:
An email that has been automatically quarantined or flagged by your security software
A message claiming to be from someone you know but with unusual language or tone
Encrypted or password‑protected attachments you were not expecting
Urgent instructions to click a link or open a document
Requests to log in to your account through a link in the email
Slight misspellings in email addresses or links
Possible consequences include:
Theft of your login credentials
Criminals gaining access to your email, files, and cloud accounts
Mass phishing emails sent from your account, harming your reputation and exposing others
Data loss or exposure of sensitive personal or work information
Financial loss if attackers gain access to accounts or trick others using your identity
Disruption to workplace systems or broader network compromise
What to do if you receive a suspicious email:
Do not open attachments or click links you were not expecting.
Do not remove an email from quarantine unless you are absolutely certain it is safe.
Independently verify the sender by contacting them through a known, trusted method.
Report the email to your IT or security department immediately.
If you clicked a link or entered your credentials, contact your IT department right away so they can reset your password, secure your account, and prevent further damage.
Trust your instincts. When something feels off, it probably is.
Cybercriminals rely on our trust and urgency to bypass the protections that keep us safe. A few moments of caution can prevent significant harm to you and your organization.
Staying vigilant helps protect not just your own information, but our entire community.
The San Diego County District Attorney’s Office is committed to keeping our communities informed and protected as criminals evolve their tactics. By staying alert and spreading awareness, we can stop these scams and keep families safe. To learn more about our Consumer Protection Unit, visit our consumer protection page at www.sandiegoda.com.