Posts

How to Report Phishing, Spam, & other malicious emails

Written by Chris Smith on January 4, 2022

In ITS, we are committed to providing employees with practical tools to help you report suspicious emails, identify them as malicious, and remove those emails across our systems to protect your employee account and unclutter your inboxes from spam and phishing attempts.

To begin this year, we are excited to announce the launch of a new button integrated into Microsoft Outlook Desktop and O365 Web Mail to report suspicious email. The reporting button is called “Phish Alert” and uses a new platform called “PhishER” to manage reporting.

This sounds great! How do I report a suspicious email?

Reporting suspicious email at SMCCCD has never been more straightforward, using a new button available in your Outlook desktop or web client. For any email you consider suspicious, find the button in your email client (see below for screenshots), and follow the steps.

Outlook Desktop Windows/Mac

Look for the icon in the main toolbar.

Old version outlook:

old version outlook

New Version Outlook:click the “…” (actions), then find Phish Alert from the dropdown list.

new version outlook

Microsoft 365 Add-in Pane

On a specific email, click the “…” (actions) link next to the open email, then find Phish Alert from the dropdown list.

outlook 365
knowbe4 phishing alert in outlook365

Outlook Mobile Android

Look in the response options section of any email.

Phishing alert in Android App

Outlook Mobile iOS

Look in the response options section of any email.

Phishing alert in iOS App

What happens after I report an email?

After you click the Phish Alert button on a phishing email, the following steps occur:

  1. The email will be quarantined from your inbox
  2. The PhishER platform analyzes your email and lets you know if it is likely to be spam, phishing, or a clean email.
  3. The email is forwarded to our Incident Response team where we can review the message
  4. If the IT team confirms the phishing attempt, the malicious email is automatically removed from every inbox across our institution.

We are rolling out a more in-depth video tutorial in the coming weeks, but you can start using the button immediately to report suspicious emails. Please reach out to the ITS help center if you have any questions.