Reporting Phishing - Protect yourself and the University

Phishing emails are by far the most common initial entry point for cybercriminals seeking to carry out major attacks, including ransomware. They can also lead to significant personal impact, including financial loss.

Last year, we introduced a simple way to report any phishing emails you receive to IT instantly. Many of you have made fantastic use of this feature, please keep up the good work!

If you haven’t used it yet, and you receive a suspicious message, just look for the Report Phishing button on your Outlook ribbon:

What happens when I report a message?

A copy of the email will instantly be sent to the IT Department, who will assess it based on various factors including the reach of the message and severity of the threat. We will then take action to protect the University where necessary.

Additionally, your report will be plugged into Microsoft’s global threat intelligence network, helping them prevent malicious emails being delivered to anyone using their email service.

You can also report phishing from Outlook online and mobile app versions:

How to report from the Outlook Mobile App

Open the message and expand the options menu (outlined below):

3 dots for options menu

Tap the “Report Phishing” button:

Report Phishing button at the bottom of the menu between Send to OneNote and More Add-Ins

How to report from the Outlook Online (OWA)

Reporting from Outlook online is similar to within the app, just with a slightly different layout. Expand the options menu and click the Report Phishing button. Here’s what to look for:

3 dots for options menu

Report Phishing button on the menu after OneNote

Find out more

You’ll find more information on protecting your personal devices in Toolkit’s Information Security resource.

If you’d like to hone your phishing detection skills, check out this handy quiz from Google to see if you could spot a phish: https://phishingquiz.withgoogle.com

Author: Information Security Team, DDIS