# User Awareness Email - "Recorded Message playback" Phish (2026-04-19)

**Recipients:** crystal.rodriguez@cascadestucson.com, lois.lane@cascadestucson.com, susan.hicks@cascadestucson.com

**From:** howard@azcomputerguru.com (or Arizona Computer Guru IT mailbox)

**Subject:** Heads-up: Fake "Recorded Message" email handled

---

Hi,

This is a quick heads-up: earlier today you each received an email titled **"Recorded Message playback"** that appeared to come from an internal address. It was a **phishing attempt from an external attacker** — not a real voicemail or internal message.

A few things to know:

- You do not need to do anything. We've already removed the message from your mailbox and blocked the sender at the email gateway.
- Your account is not compromised. We reviewed your mailbox settings, sign-in history, and authentication methods — everything is clean.
- If you clicked any link in that email, please let me know right away so we can check further.
- The attacker used a slightly-misspelled display name ("Recoder") and a lookalike sender address. That's a common trick to make phishing look internal.

**Crystal** — great catch reporting this before clicking. That's exactly the right move. Everyone: when in doubt, forward to me (howard@azcomputerguru.com) and we'll verify before you open anything unusual.

Thanks,
Howard Enos
Arizona Computer Guru
howard@azcomputerguru.com