Sometimes I send tips to all of my users about identifying threats on their computers. This will generally happen after someone's work email is hacked and everyone else in the company is sent a misspelled email from that person. I'd like to include one here in case it's useful to anyone as a quick user-friendly explanation of phishing.
You may receive a malicious email from internal to the company that attempts to trick you into entering your email password into a website. This attempt is called "phishing". Phishing emails are not always easy to detect, but these are some things you should look for in the future.
Taken individually, these signs don't necessarily mean the email is phishing. If something looks suspicious, then make sure you verify that the sender meant to send you the email. There is little IT can do to prevent this kind of attack, it's up to the individual to identify and handle these threats.