Reporting Suspicious or Malicious Email

Issue/Question

Reporting email as suspicious or malicious

I believe an email may be phishing

Is this email a scam?

Environment

  • Outlook 365
  • Outlook Mobile for IOS
  • Outlook Mobile for Android

Cause

Click the Phish Alert Button (PAB) if you believe you have received a phishing email or any potentially dangerous email. Any emails you report using the PAB will be automatically deleted from your inbox. The emails you report will also be forwarded to our IT Security team for analysis. If deemed safe, the email will be returned to your inbox.

Resolution

  1. If the email is in your Junk folder, you do not need to report it
  2. Click the suspicious email 
  3. Click Phish Alert    
    1. In Microsoft 365, the Phish Alert Button will appear in the Apps tab in an open email, as shown below.
    2. Uploaded Image (Thumbnail)​​​​​​​​​​​​​​Phish Alert Button (PAB)  iOS
    3. Phish Alert Button (PAB) Android
    4. Phish Alert Button (PAB) Outlook Desktop
      In Outlook, the Phish Alert Button will appear in the top banner 
      ​​​​​​​Note: If you need help finding PAB button in Outlook
  4. Click Report Phish
  5. If Phish Alert does not work, restart the computer

Note: When viewing an email in Outlook Mobile, you will need to click on the second More Options menu   or   and then select Phish Alert.  This will be located next to the sender's name and the subject of the message

Note: When viewing an email in outlook.office.com, you will need to click on the More Actions menu    in the top right corner of the message and then select Phish Alert V2.  This will be located next to the Reply All  and Forward buttons.

Note:  Reporting Phishing from Shared Department Account
Note:  Sanford employees with a mail forward do not have the phish alert button

Please contact the Service Desk if you need further assistance

ITS STAFF ONLY

  1. Follow the steps in the Article Processing Malicious Emails Reported by Customers
  2. When a phishing email from our Phishing Campaign is reported from a Sanford employee with a mail forward, see article SSOM Successful Phishing Campaign
  3. Vendor soc@ren-isac.net reported a compromised credential Verifying reported credentials

 

 

 
 
 
 
100% helpful - 17 reviews

Details

Article ID: 71
Created
Mon 6/11/18 10:15 AM
Modified
Fri 3/15/24 4:23 PM
KCS Article Status
WIP: Only Problem & some Environment captured
Not Validated: Complete & Resolution captured, confidence lacks in structure, content, no feedback
Validated: Complete & reusable, used by licensed KCS user, confidence in resolution & std. compliance
Validated

Related Articles (4)

Phish Alert Button Missing
How to locate the phish alert button
Phish Alert Button Missing for Shared Mailbox
How-to guide for using the phish alert button from a shared mailbox
Reporting Credential Dump Email
USD ITS receives emails from soc@ren-isac.net regarding compromised credentials
Suspect USD Email Account or USD Account is Hacked/Compromised
If you notice suspicious activity on your account or have reason to believe your USD Account or USD email has been hacked/compromised, seek help immediately.

Related Services / Offerings (1)

Anti-Phishing Policy
This tool is intended to cut down the number of scam email messages that many University students, faculty, and staff receive every week.