HomeTrainingPhishing: email, SMS, QR codes, and sign-in links
Module 2 · 8 min

Phishing: email, SMS, QR codes, and sign-in links

How to recognise a message that looks like a bank, delivery service, Microsoft, or a manager.

The employee checks sender, domain, urgency, and requested action before clicking.

Threat

In CERT.LV 2026 data, fraud is one of the largest Latvian threat groups.

What to know

  • Phishing does not always ask for a password immediately. It may ask you to open an attachment, enter a code, approve Smart-ID, or connect a device.
  • Attackers use short deadlines, fear of account blocking, and similar-looking domains.
  • QR codes and short links should be treated as hidden links: check the final domain before entering data.
  • A link from a familiar person does not prove that their account has not been taken over.

Actions

  • Do not enter a password, code, or card details through a link that arrived in a message.
  • Open the service manually by typing the address or using a bookmark.
  • Forward suspicious messages to the responsible person or IT, not to a group chat with the active link.
  • If you already entered data, report immediately instead of waiting until the end of the day.

Manager note

Phishing training should measure not only clicks, but also how fast people report suspicious messages.

Sources