Welcome to the VCS IT Help Center!

Check out our step-by-step tutorials, informative knowledge base articles and FAQs, or submit your own questions for support

Is that service or webpage down? Click here to find out --->

Articles in this section

How to report a phishing email Follow

Avatar
Mike Annab
  • Updated

Email is the most commonly used communications application for business. Unfortunately, phishing emails have become all too prevalent. Phishing emails are now the number one cause of data breaches, so it's vitally important that we learn how to spot them and take action. 

In this quick tutorial, you'll learn how to report a phishing email. It's very simple and takes only 1 step. Please do not forward phishing emails to the IT department.

We have installed a "Phish Alert" button as part of your Outlook email client. Whether on a Mac or PC, or using the Microsoft Outlook on your mobile device, your Outlook inbox has a new button that allows you to quickly and easily report suspected phishing email. Here's a screenshot of what it looks like. 

 

Mac Outlook View (with Dark Mode enabled)

 

Other Mac Outlook Versions

or

mceclip0.png

 

PC Outlook View

 

On the Outlook Mobile App

NOTE: The native mobile mail App may not have the Phish Alert action.

 

1. Press the More (...) button.

 

2. Press the Phish Alert.

Before we use the Phish Alert button, we need to figure out if this is phishing email. Notice this recent email that purported to be sent by our president, Dr. Clifford Daugherty. By the way, this is a common strategy for phishing emails. It's so common that it's been given a name, it's called "CEO Fraud." The idea is that if users see an email from the CEO, they won't hesitate to comply with their wishes.

Notice the email shows "CLIFFORD DAUGHERTY" (being in all caps is unusual and one of the criteria telling us this isn't valid). But notice the actual sender email, which is from "tylerhenry@inbox.lv" in the first example, and from "marybrewer05@inobox.lv" in the second example. The .lv top level domain is the country code for Latvia. The all caps sender name, the strange email format, the strange request, and the foreign domain all tell us this is not a legitimate email. 

Now that we've established this email as a phishing email, we can click the Phish Alert button, as shown in the examples above.

Once you confirm by clicking the Phish Alert button, as shown in the image below, the email will be processed as a phishing email. That's it! You've helped us combat phishing emails! 

phish-PM.png  

Thanks in advance for reporting phishing emails and helping to keep our computing environment more safe!

 

Related articles

Comments

0 comments

Please sign in to leave a comment.