Report a Phishing Email

Phishing and other scamming efforts are becoming so ubiquitous that Microsoft offers an easy mechanism that allows users to report suspicious emails within recent versions of their Outlook email application. Those behind phishing scams are becoming more and more sophisticated with their attacks — sometimes impersonating employees within an organization, simply by reviewing a corporate website and gathering information about department heads, names, positions, and email addresses. By spoofing the corporate email addresses, employees are fooled into believing a company associate was the sender of what turns out to be a malicious email.

What is Phishing?

Phishing is an attempt by an email sender to impersonate an individual, a company or an organization. Some phishing attempts try to obtain personal or corporate information such as bank or credit account numbers, or login information. Other attempts include impersonating people within an organization in order to obtain more information about the company itself or perhaps to steal corporate login credentials. Some companies have reported that scammers have even impersonated the CEOs of companies since their information is readily available on most corporate websites. 

How to Report

Whether you use Outlook while on the job, or at home as a personal email account, there is an easy way to report phishing attempts so a fake sender can be shut down. For those using a fairly recent version of Outlook, including Outlook 2016 and Outlook 2019, as you view the email, simply look for the ellipsis in the upper right corner that signifies you can take action on the email or click on the “Report Message” button. Scroll down the list of selections until you see “Mark as Phishing” or simply “Phishing”. After selecting the (report) phishing option, a message box should pop up asking if you want to send a report of the email to Microsoft. Click the affirmative if you want to report the email as a suspicious phishing attempt. If you are using an earlier version of Outlook, you can report a phishing email to Microsoft by forwarding a copy of the suspicious email to: phish@office365.microsoft.com.  

If you would like more helpful tips on how to spot a phishing attempt, please contact us.

Leave a Reply