What is one important step to take if you receive an email requesting sensitive information?

Verifying the source before responding to an email requesting sensitive information is crucial for several reasons. Phishing attacks often use emails that appear legitimate to trick individuals into providing confidential information like passwords, Social Security numbers, or financial details. By confirming the sender's identity and authenticity of the request through a trusted channel—such as contacting the organization directly using known contact information rather than responding to the email—you significantly reduce the risk of falling victim to fraud.

Taking this step allows you to assess the legitimacy of the request without exposing yourself or your organization to potential data breaches. This practice is part of a broader security protocol known as "sos" (suspicious object syndrome), which encourages a cautious approach when dealing with unexpected or unusual communications requesting sensitive data.