Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.yupvid.com/llms.txt

Use this file to discover all available pages before exploring further.

Phishing is the most common vector for account compromise. Most successful attacks exploit urgency and impersonation — knowing the patterns makes them easy to spot.

Common patterns

Urgency and pressure — “Your account will be suspended in 24 hours.” Legitimate systems don’t work like this. When in doubt, verify through a separate channel. Mismatched sender domains — An email claiming to be from your bank with a domain like secure-bank-alert.net is a red flag. Check the full email address, not just the display name. Requests for credentials — No legitimate internal system will ask you to enter your password via email. If a link takes you to a login page you weren’t expecting, close it. Unexpected attachments — Don’t open attachments you weren’t expecting, especially .exe, .zip, or macro-enabled Office files.

What to do

If you receive a suspicious email:
  1. Don’t click any links or download attachments.
  2. Report it using the “Report Phishing” button in your email client, or forward to security@example.com.
  3. Delete it.
If you clicked a link or entered credentials:
  1. Change your password immediately.
  2. Notify the security team at security@example.com — include the URL you visited.
  3. Don’t wait to see if anything happens. Speed matters.

Simulated phishing tests

IT runs periodic simulated phishing campaigns. Clicking a simulated phishing link triggers a short training module — it’s not punitive. The goal is awareness. If you receive an unusual volume of phishing attempts targeting your account specifically, notify the security team.
Last modified on May 4, 2026