The PhishMe Reporter is an add-on to Microsoft Outlook 2016 or later, Outlook Web Access (OWA), and the Outlook mobile client. It is the standard and preferred method to report spam and phishing email messages and should be used whenever possible. It will report the suspicious message to the SF State Information Security Team with all of the necessary information, and delete it from the users inbox at the same time.
Who can use PhishMe Reporter?
This add-on is enabled for faculty and staff.
How to Report Spam and Phishing
Add-ons such as the PhishMe Reporter are intended to be used with the primary email account in Outlook. Here are several workarounds:
- In Outlook, drag the offending message to the primary mailbox, and use the PhishMe button.
- In Outlook Web Access (OWA), "switch" into the shared mailbox account and then use the PhishMe button.
- Create a separate Outlook profile for the shared mailbox and log in to it using the delegated person credentials.
Open or preview the message
Select the Report Phishing button at the top of the Outlook window. Note: If you do not see a Report Phishing link it may be because your Outlook is missing some updates from Microsoft which adds a Report Phishing link in the same way as Outlook Web Access. If this is the case either follow the OWA instructions or update your Outlook application (Help > Check for Updates).
Check the correct message is being reported and select OK.
If the message was a part of the PhishMe training exercise you will receive the feedback shown below that states “Good job! This email was part of our immersive phishing awareness education. Thank you for staying vigilant!” Otherwise, your message will be forwarded (with full headers) to the ITS Security Team and to the Microsoft Online Protection team.
Instructions for Outlook for Windows users is under active development. In the interim please follow the instructions for Outlook Mac 2016.
Open or preview the message
If you are using the older version of OWA, select the Report Phishing icon as seen below:
If you are using "The new Outlook", see below:
Select the 3 dots to see the "More actions" menu choices
Select the Report Phishing icon as shown below:
Check that the correct message is being reported and select OK.
If the message was a part of the PhishMe training exercise, you will receive the feedback shown below that reads, “Good job! This email was part of our immersive phishing awareness education. Thank you for staying vigilant!” Otherwise, your message will be forwarded (with full headers) to the ITS Security Team and to the Microsoft Online Protection team.
Outlook for Android
The following information details how to correctly report spam and phishing email sent to SF State email addresses.
Phishing Email from Internal, Compromised SF State Accounts
If a phishing/spam message originates from an internal, compromised SF State account, SF State should be notified. Compromised SF State accounts can only be resolved by SF State. Microsoft spam filtering does not scan messages sent from one SF State Exchange account to another. Please report compromised SF State accounts to the ITS Help Desk so we can stop the phishing message distribution as quickly as possible. To report compromised SF State accounts, forward a copy of the message with full headers to firstname.lastname@example.org.
Some messages are really spoofed messages: they look like they are from an internal account, but are actually sent using an external server. This can be identified from the message header. Spoofed messages should be reported to Microsoft. The ITS Help Desk can assist in identifying the spoofed messages.
Phishing Email from External Accounts
If the phishing/spam message originates from an external address/server, forward a copy of the message with full headers to email@example.com and firstname.lastname@example.org. This will inform Microsoft who can add it to the block list.
Forwarding with Headers/As an Attachment
Use the following instructions to report spam/phishing to the correct address:
- Mac (Apple) Mail
Information Security Awareness Program
The Information Security team has introduced an ongoing Information Security Awareness program for faculty and staff. This program is designed to help employees protect their sensitive information and that belonging to others. The program combines monthly advisory messages with phishing training exercises. For more information please see: Information Security Awareness program for faculty and staff.