Understanding and Reporting Email Phishing and Spam

What is Email Phishing?

Email phishing is a cyber-attack wherein malicious actors deceive individuals into divulging sensitive information or downloading harmful software by masquerading as a trustworthy entity. These deceptive emails often appear to come from reputable sources like banks, social media platforms, or even colleagues. The goal is to trick the recipient into clicking on links, opening attachments, or providing personal information such as passwords, credit card numbers, or social security numbers.

What is Spam?

Spam refers to unsolicited and often irrelevant or inappropriate messages sent over the internet, typically to a large number of users, for the purposes of advertising, phishing, spreading malware, etc. Examples of spam include:

• Advertisements for products or services you did not sign up for
• Emails from unknown sources offering large sums of money or prizes
• Messages promoting suspicious links or attachments

NOTE: There is no need to report spam which is already in your junk folder. If it is in your junk folder, it has been identified as spam.   

The Difference Between Phishing and Spam

While both phishing and spam are unsolicited emails, their purposes differ:

• Phishing: Specifically aims to steal sensitive information or install harmful software.
• Spam: Generally used for advertising and does not typically intend to harm the recipient but can be annoying and potentially dangerous if it contains malicious links.

Why is it Important to Report Email Phishing?

Reporting email phishing is crucial for several reasons:

• Protection: By reporting phishing attempts, you help in safeguarding yourself and others from potential identity theft, financial loss, and other cybercrimes.
• Prevention: Timely reporting can help our cybersecurity team to block and mitigate the spread of phishing emails, reducing the risk of further attacks. 
• Awareness: Reporting phishing attempts raises awareness within the organization, prompting further education and preventive measures for employees.

How to Report Phishing using the Microsoft Outlook Report Button 

Reporting phishing emails in Microsoft Outlook is a straightforward process designed to enhance security and protect users. Follow these steps to report a phishing email using the Outlook Report button:

Step-by-Step Guide:

• Step 1: Open Microsoft Outlook and navigate to your Inbox.
• Step 2: Select suspicious email(s). Ensure you do not click on any links or download any attachments within the email.
• Step 3: In the toolbar, locate the "Report" button. This button might appear as a shield icon or labeled explicitly as "Report".
• Step 4: Click on the "Report Phishing" option. Outlook will ask for confirmation before proceeding.
• Step 5: Confirm the action. The email will be reported to Microsoft’s security team for analysis, and it will also be moved to your Junk Email folder.

NOTE: There is no need to reach out to OIT Security. If you clicked links, provided information to the threat actor, or if you suspect your account is compromised, contact the OIT Help Desk immediately.

How to Report Spam using the Microsoft Outlook Report Button

Reporting spam emails in Microsoft Outlook is similarly straightforward. Follow these steps to report a spam email:

Step-by-Step Guide:

• Step 1: Open Microsoft Outlook and navigate to your Inbox.
• Step 2: Select spam email(s). Avoid clicking on any links or downloading any attachments.
• Step 3: In the toolbar, find the "Report" button, and select "Report Junk" from the dropdown menu.
• Step 4: Confirm the action when prompted. The email will be moved to your Junk Email folder and reported to Microsoft.

NOTE: There is no need to reach out to OIT Security. If you clicked links, provided information to the threat actor, or if you suspect your account is compromised, contact the OIT Help Desk immediately.

By accurately reporting both phishing and spam emails, you contribute to a safer digital environment and help combat the threat of cyber-attacks effectively.