Report Phish Button (formerly Phish Alert Button)

What is the Report Phish button?

The Report Phish button is a feature built into Outlook that lets you send potentially harmful messages directly to the Information Security Office. It provides a simple, one-click way to report phishing without needing to forward emails or create a help desk ticket.

Why should I use the Report Phish button?

  • Keeps SFA safe – Reported emails are reviewed by IT Security so phishing attacks can be stopped quickly.
  • Protects your account – Early reporting helps block malicious links or attachments before more people are affected.
  • Saves time – No need to copy, paste, or forward emails; one click does the work.

When should I use the Report Phish button?

Use the button whenever you receive an email that looks suspicious, such as:

  • Requests for your username, password, or financial information.
  • Messages with urgent or threatening language (“your account will be locked”).
  • Unexpected attachments or links.
  • Emails that don’t look right or come from an unknown sender.

What happens after I click Report Phish?

  1. The email is forwarded to the Information Security Office for review.
  2. The reported message is removed from your inbox (moved to Deleted Items/Trash).
  3. If you reported the message by mistake, you can still retrieve it from your Deleted Items folder.
  4. If the message is confirmed to be phishing, IT Security will take additional steps to protect campus email accounts.

How do I use the Report Phish button?

The Report Phish button is available in Outlook desktop, Outlook on the Web (OWA), and the Outlook mobile app.

Outlook (desktop)

  1. Select the suspicious email.
  2. In the Outlook ribbon at the top, click the Report Phish button.
  3. Confirm when prompted.

Outlook on the Web (OWA / Microsoft 365)

  1. Open the suspicious message in your webmail.
  2. Click the Report Phish button in the toolbar.
  3. Confirm when prompted.

Outlook Mobile App (iOS/Android)

  1. Open the Outlook app on your phone.
  2. Tap to open the suspicious email.
  3. Tap the More Options menu (usually the three dots •••).
  4. Choose Report Phish from the menu.
  5. Confirm when prompted.

 

 

Print Article