How to Report Phishing Emails in Outlook

Overview

Phishing emails are fraudulent messages designed to trick you into revealing personal information or installing malicious software. Reporting these emails helps protect you and others from potential threats. Here’s how you can report phishing emails in Outlook (Ex. of a possible phishing email below): 
 

Here’s how you can report phishing emails in Outlook:

Steps

• Identify the Phishing Email 

  • Suspicious Sender: Check if the email is from an unknown or suspicious sender. 
  • Unusual Content: Look for unusual requests, such as asking for personal information or urgent actions. 
  • Links and Attachments: Be cautious of links and attachments that seem out of place. 
     
• Do Not Interact with the Email
  • Avoid Clicking: Do not click on any links or download attachments from the suspicious email. 
  • Do Not Reply: Avoid replying to the email, as this can confirm your email address to the sender. 

• Report the Email​​​​​​

  • The following steps will guide you on how to properly report an email to our Cybersecurity Team. Please note that there are two different versions of Outlook, and the steps you need to follow will depend on which version you are using.
     

    • Desktop Application Version

      • Step 1: Open Email

        • Find the email in your inbox that you suspect might be phishing or malicious.
           

          
           

      • Step 2: Click on the three dots 

        • Click on the three dots; located on the right corner of the email toolbar.
           

          
           

      • Step 3: Click on “Other Reply Actions”

        • From the three dot drop down menu, select “Other reply actions.”
           

          
           

      • Step 4: “Forward as Attachment”

        • Choose the “Forward as attachment” option.
           

          
           

      • Step 5: Compose a New Email and Address the Email to the Cybersecurity Team

        • A new email window will open with the suspicious email attached.

        • Enter the email address of your cybersecurity team: cybersecurity@imperial.edu

        • Add any necessary details, and send the email.
           

          
           

    • Web Version:

      • Step 1: Open Email 
        • Find the email in your inbox that you suspect might be phishing or malicious.
          
          
           
      • Step 2: Hover Over the “Forward” Tab
        • Move your cursor to the “Forward” button. In some email clients, this might be represented by an arrow icon.
          
          
           
      • Step 3: Select “Forward as Attachment”
        • Click on the drop-down menu next to the “Forward” button and choose the option “Forward as attachment.” This ensures that the email is sent in its entirety, including headers.
          
          
           
      • Step 4: Compose a New Email and Address the Email to the Cybersecurity Team
        • A new email window will open with the suspicious email attached.
        • In the “To” field, enter the email address: cybersecurity@imperial.edu
          
          
           

Note: After forwarding the email, please ensure you follow the subsequent steps:

• Block the Sender 

  • Block: After reporting, you can block the sender to prevent future emails from them. 

    • In the desktop application version, go to Home > Report > Report Junk > Report

      

    • In the web version, click on the three dots > Block > Block Sender.

      
       
• Delete the Email 

  • Delete: Remove the phishing email from your inbox to avoid accidental interaction.