Reporting A Phishing Email
Currently available email filters are great at targeting spam, but despite advances in technology, a small percentage of malicious messages still end up in users’ inboxes. PhishAlarm® allows end users to report phishing emails and other suspicious messages with one mouse click, and PhishAlarm® Analyzer helps organizations identify and target the most pressing threats. A simple but effective email client add-in, PhishAlarm can reduce the window of risk associated with active phishing attacks, extending phishing prevention to the desktop and allowing users to easily report phishing and stop social engineers and hackers in their tracks. The PhishAlarm Button allows IWU employees and students to report suspicious messages to the Information Security Office and incident response teams with the click of the “report phish” button. This is a valuable addition to security awareness and training programs, as early reporting can dramatically reduce the duration and impact of an active phishing attack.
Procedure for Submitting Suspected Phishing (Scam) Emails
Locate the email you wish to report noting these important criteria prior to submittal:
At a basic level does the email contain a web link, attachment and/or requests a reply or action? IF this is the case then it is a candidate for forwarding and you can reference these best practice rules as set out by the knowledge base article on Email scams to determine if it should be forwarded - (How to Identify Email Scams) One important tip - If the email is from an IWU user [please verify the full email address] BUT is showing the following banner at the top of the email body, then it is more than likely a malicious email:
** This message originated from outside the Indiana Wesleyan University email system **
Proceed with the following options depending on the client you are using to submit the email:
OPTION 1 - Reporting with Outlook PC CLIENT
1. Select the email by highlighting it in the Inbox
2. Click on the 'REPORT PHISH' button in the upper right hand area of the Outlook client tool bar.
3. A notification pop up will prompt you to verify that the email you are submitting meets the criteria for submittal. If you are certain you wish to submit click on the REPORT PHISH button within the notification box as shown below.
4. You will then be prompted to close the next notification box. Please close the box.
You will notice that after submitting the email it will then be removed from your inbox. At that point the email has been sent to IT Security and will be reviewed as soon as possible.
OPTION 2 - Reporting with Outlook MOBILE CLIENT
Select the email by selecting it on your mobile device's Outlook email client
1. Click the three dots [ ... ] in the upper right hand corner of the email under the time.
2. Click on the 'REPORT PHISH ICON'
3. After doing so please proceed with Step #3 in OPTION 1 (in the Outlook PC client)
OPTION 3 - Reporting with Outlook WEB CLIENT
1. Select the email
2. On the right hand side of the browser, within the email, there will be three dots [ ... ] - Click on the dots and a drop down will appear.
3. Click on the Report Phish Button to report the email
A box will open asking you to confirm the submission of the phishing email. Click 'REPORT PHISH' and then 'CLOSE' at the next box that appears.
Additional Important Notes
- Do not submit advertisements, requests to join third party commercial groups, community announcements or email from organizational groups that may be associated with IWU unless you have suspicions that the emails may be malicious in nature.
- If an email is determined to be harmless it will be sent back to you. It will be returned but the format will contain some information that is used by our staff to analyze the email. The original content of the email will remain in the section called ---- Begin Reported Email --- which will typically appear about 1/2 way into the email thread.
- There is no need to contact the Support Center once you report an email. It is CRITICAL that you do contact the Support Center if you have clicked on a link, opened an attachment or responded to a reported email. We request this not for punitive purposes but primarily to conduct additional inspection on your account or device as it may have been compromised as a result of actions taken on the email.
Any additional questions can be sent to IWU-ITSecurity@indwes.edu