I received a suspicious email

An email lands in your professional inbox. The sender looks familiar, but something is off: the address is slightly different, the tone is urgent, and you are being asked to click a link or hand over sensitive information. You are not sure if this is a phishing attempt, a poorly worded legitimate message, or a targeted attack on your business.

What the assistant does

The assistant helps you analyze the email methodically, without clicking anything in it.

Sender analysis: the display name can be misleading. The assistant guides you through revealing the full email address and checking whether the domain actually matches the organization it claims to represent. An email claiming to be from your bank but sent from an unknown domain is a strong indicator of phishing.

Link inspection without clicking: the assistant explains how to hover over links to reveal the actual URL in your email client’s status bar, and which parts of the URL to focus on first (destination domain, suspicious subdomains).

Header verification: if you can display the full message headers (available in Outlook and Gmail), the assistant interprets them to check whether the message actually passed through the legitimate servers of the claimed sender.

Context assessment: the assistant helps you cross-reference the email content with your business context. A supplier requesting an urgent wire transfer to a new account always warrants a phone call to verify, regardless of how legitimate the email looks.

When an expert takes over

If doubt remains, or if you have already clicked a link, an iokoo cybersecurity consultant takes over.

They analyze the message headers and suspicious URLs in an isolated environment, assess the real risk, and tell you what to prioritize: blocking the sender, alerting your team, changing passwords, or contacting your cyber insurer if necessary. If a targeted attack is confirmed, they coordinate the incident response.

See our expert pool page to learn more about the available profiles.