Report a Suspicious Email

Report a Suspicious Email

Report a Suspicious Email

Overview

When a phishing message slips into your inbox, reporting it helps protect your coworkers and trains your company's filters to catch similar messages next time. This guide shows you how to report a suspicious email from Outlook on desktop, web, and mobile.

Before You Begin

  • Do not click any links or open any attachments in the message.
  • Do not forward the message to coworkers as a warning. Use the report button instead.
  • The reporting button is built into Outlook. If you do not see it, contact support and we will enable it.

Steps

From Outlook on the web (outlook.office.com)

  1. Open the suspicious message.
  2. Click Report in the toolbar at the top.
  3. Choose Report phishing if the message tried to steal credentials or trick you. Choose Report junk for spam.
  4. Click Report. The message is sent to Microsoft and your IT team, and removed from your inbox.

From Outlook for Windows or Mac (new Outlook)

  1. Select the suspicious message in your inbox list.
  2. In the ribbon, click Report.
  3. Choose Report phishing or Report junk.
  4. Click Report.

From Outlook on iPhone or Android

  1. Open the message.
  2. Tap the three-dot menu in the top right.
  3. Tap Report junk → Phishing.
  4. Tap Report.

If your account does not have the report button

  1. Forward the message as an attachment to phish@bostonmit.com. To attach it, drag the message into a new email instead of using the Forward button.
  2. In the body, briefly note why it looked suspicious.

Troubleshooting

  • If you already clicked a link or opened an attachment: report the email, then follow What to Do If Your Account Is Compromised.
  • If the message is from a coworker whose account looks hijacked: report it and then contact that coworker through Teams or in person to alert them.
  • If you reported a real message by mistake: it can be released from quarantine. See Release an Email From Microsoft Defender Quarantine.

Related Articles

Need More Help?

Submit a ticket at support.bostonmit.com or email support@bostonmit.com.

    • Related Articles

    • Recognize a Phishing Email

      Recognize a Phishing Email Overview Phishing is the most common way attackers get into a work account. The messages look like ordinary email but are designed to trick you into clicking a bad link, entering your password, or paying a fake invoice. ...

    • Report a Lost or Stolen Laptop or Phone

      Report a Lost or Stolen Laptop or Phone Overview If your work laptop or phone goes missing, the device itself matters less than the data and accounts on it. Acting fast lets us lock the device remotely and protect your company. This guide walks you ...

    • What to Do If Your Account Is Compromised

      What to Do If Your Account Is Compromised Overview If you think someone else has gotten into your work account, every minute counts. This guide walks you through the immediate steps to lock the attacker out and recover safely. Read it now, before ...

    • Use a Hardware Security Key for Multi-Factor Authentication

      Use a Hardware Security Key for Multi-Factor Authentication Overview A hardware security key is a small USB or NFC device that proves it is really you when you sign in. It is the strongest form of MFA available because attackers cannot phish a ...

    • Use Your Company Password Manager

      Use Your Company Password Manager Overview A password manager remembers every password you use so you do not have to. Your company provides one as part of your standard tools. This guide explains how to install it, save your first password, and use ...