Signs of a phishing email

Method 1 — Outlook Desktop (Windows & Mac)

1. 1

   Select the suspicious email — but do not open any links

   Click once on the email in your inbox to highlight it. Do not click any links, buttons, or attachments inside the email.

   ⚠️ Important: If you have already clicked a link or entered any details, contact IT Support immediately — do not wait.
2. 2

   Open the "Report" option in the ribbon

   In the Outlook toolbar at the top, look for the Report button in the Home tab. Click it to see the reporting options.

   ℹ️ If you don't see a Report button, look for the Microsoft Report Message add-in in the toolbar — or right-click the email and check the context menu.
3. 3

   Select "Report Phishing"

   From the dropdown menu, choose Report Phishing. This sends the email to Microsoft for analysis and moves it out of your inbox automatically.

4. 4

   Confirm the report when prompted

   A dialogue box will appear asking you to confirm. Click Report to submit. The email will be removed from your inbox.

5. 5

   Notify IT Support if in doubt

   If the email appeared convincing, contained your personal information, or you are unsure whether you interacted with it, please also contact the IT Support desk. There are no silly questions — it is always better to flag it.

Method 2 — Outlook on the Web (OWA)

1. 1

   Right-click the email in your inbox

   In Outlook Web Access, right-click on the suspicious email without opening it. On mobile, long-press the email to bring up the options menu.

2. 2

   Choose "Report" → "Report Phishing"

   From the context menu, hover over Report, then select Report Phishing from the sub-menu.

3. 3

   Confirm and done

   Click Report in the confirmation prompt. The email is submitted to Microsoft and removed from your inbox.