Back to articles

Published: 2026-03-20

Updated: 2026-03-20

5 min read

First Steps After Receiving a Suspicious Email

A practical first-five-minutes guide for what to do, and what not to do, when an email may be trying to trick you.

#families#phishing#email

When a suspicious email shows up, the most important thing is not to panic. Replying too quickly, opening a link “just to check,” or trying to solve it on the spot can make things worse.

What not to do first

  • Do not reply
  • Do not click links
  • Do not open attachments
  • Do not send personal information right away

When people feel rushed, action often comes before judgment. Stopping first is the safest starting point.

What to do first

  • Save a screenshot
  • Note the subject line, sender, and time received
  • If needed, save the message headers too

Leaving a record makes it much easier to review the message later or show it to someone else.

If you are unsure, use an AI tool as a thinking partner

Taking a screenshot and showing it to an AI tool like ChatGPT can help you put the suspicious parts into words. It can point out odd wording, pressure tactics, domain mismatches, or unusual requests.

Many people still do not realize that you can often paste screenshots directly into the chat. You do not need to re-explain the whole email in text first, and one big advantage is that the AI can look at the image itself while helping you organize what seems suspicious.

Still, an AI response should not be your final verdict. Use it as a helper, then verify through the official website, a known contact method, or a trusted family member.

How to check whether it is real

  • Open the official website yourself
  • Contact the service through a trusted phone number or saved contact method
  • Check your own order history or account activity
  • Ask a family member or someone more experienced to take a second look

Do not follow the instructions inside the suspicious email to verify the email itself.

What families can do together

  • Check whether the same message reached anyone else at home
  • Report the sender as spam in your mail app
  • Stay alert for more messages from the same source

Talking about it at home can help prevent the same trick from working on someone else later.

If you already replied by mistake

  • Write down what information you sent
  • Change passwords or take protective action if personal details were shared
  • Tell your family or the right support contact as early as possible
  • Review account activity, orders, or payment statements for anything unusual

Even a small mistake is easier to contain when you act early.

tiny-csirt note

Protecting yourself from phishing is not only about spotting the message. What you do next matters just as much.

Related articles

More articles around similar themes and tags.

#families#phishing#email

2026-03-20

6 min read

Is It Safe to Display Images in a Suspicious Email?

A practical guide to what image loading in email can mean, what to check first, and when not to panic.

#families#phishing#email

2026-03-20

4 min read

Dangerous Even Without Links: Emails That Try to Make You Reply

Not every phishing email is about getting you to click. Some are written to pull you into a reply.

#families#phishing#email

2026-03-20

6 min read

Red Flags to Check When a Suspicious Email Shows Up

A simple checklist for the first few seconds after you receive an email that feels a little off.