Reporting Phishing Emails using the Outlook App

In a previous post, we detailed how you can report phishing emails using the “Report Phishing” add-in from Microsoft. In this short post, we will be using the Outlook App to do the same. If you are suspecting that the message you are reading is a phishing attempt, you can easily report it using the “Report Phishing” button in Outlook.

Why Report Phishing in Outlook?

A phishing email is an attempt to get private information such as your account number, username, password, phone number or financial information. This is often done by including links or malicious HTML attachments. Once you click the link or open the attachment, you will generally be presented with a web page that looks very similar to a login page or form from a legitimate organization. This can be a fake Microsoft 365 login page or a fake password reset page from Paypal for example. If you provide your personal information, criminals may gain access to your company’s network account or to your private social media or bank account. If you suspect that you have received such an email or opened a link that looks suspicious, don’t click anything in the email or do not enter any personal information. Instead, report it so that your security team can take action to protect you and your team.

How to Report Phishing Emails using Outlook?

First, click on the email you suspect to be a phishing attempt. Make sure you do not click any of the links or buttons included in the email. Then click the Report Phishing button in the menu bar. Once you have done this, a pop-up will appear asking if you want to report the phishing email. Select Report.
Reporting a message as a phishing email in Outlook for Android
Reporting a message as a phishing email in Outlook for Android
  Once you have reported the email, it will be deleted from the inbox and moved to the deleted items folder. If you report an email in error, you can retrieve the email from your Trash/Deleted Items folder.

When Should I Report a Phishing Email?

Use the Report phishing feature anytime you received a suspicious email or any potentially dangerous email including unknown attachments. All emails you report will be automatically forwarded to the security team to locate similar emails and prevent your teammates from clicking on malicious links. Emails reported will also make it easier for the algorithm to detect future phishing attempts for your organization. Better be safe than sorry!