How to report a phishing email
The University has a tool called PhishAlarm that allows you to easily report a suspicious email, and send us all the information we need to determine if the email you reported is a real phishing attack.
The tool is available both in Outlook on University PCs as well as online in Outlook for Office 365.
If you cannot find the Report Message button, you may need to install it manually. Please check the instructions at the bottom of this page to find out how to do this.
How Report a Message Works
1. When you receive a suspicious-looking email in Outlook simply click on the Report Message button (located as above). This will give you the option to report the email as a phish.
2. You will receive an on-screen message asking you to confirm you wish to report the message (just in case you’ve selected the wrong message).
How to get the Report Message Add-in if it is missing
Get the add-in for yourself
- Go to the Microsoft AppSource at https://appsource.microsoft.com/marketplace/apps and search for the “Report Message” add-in. To go directly to the Report Message add-in, go to https://appsource.microsoft.com/product/office/wa104381180.
- Click “GET IT NOW”.
What do you need to know before you begin?
Both the Report Message add-in and the Report Phishing add-in works with most Microsoft 365 subscriptions and the following products:
- Outlook on the web
- Outlook 2013 SP1 or later
- Outlook 2016 for Mac
- Outlook included with Microsoft 365 apps for Enterprise
- Outlook app for iOS and Android
Both add-ins are not available for shared mailboxes or mailboxes in on-premises Exchange organisations.
Your existing web browser should work with both the Report Message and Report Phishing add-ins. But, if you notice the add-in is not available or not working as expected, try a different browser.