- Don't assume any email is safe, even if it has not ended up in your junk folder or been quarantined.
- Don't click on any links or open attachments until you're sure it's genuine.
- Use links you trust rather than the links provided in the email.
- If it looks like it's from somebody you know, ask them to confirm they sent it.
- Not by the original method it was sent. If an email address has been compromised you may get a reply from somebody pretending to be the real person.
- 8 common signs of a phishing email:
- It's in your junk folder
- There's a banner at the top with a warning message (added by Microsoft)
- Urgent action is demanded
- Incorrect sender's address (but don't trust correct addresses either)
- Poor spelling or grammar
- Uncharacteristic greeting or words used
- Asks you to sign in
- Asks you to download unexpected files (Dropbox, OneDrive, WeTransfer, etc.) or click on links.
- Report phishing emails by the Report Phishing button in Outlook. If it’s missing, simply delete the message.
Tip: If the Phishing button is missing or not working then just delete the message. It's more important for you not to click the email links than to report the message.
-
- Outlook - Classic Ribbon:
- Outlook - Simplified Ribbon:
- Outlook mobile
- Open message
- Select menu (3 dots) . . .
- Select Report Phishing
- Outlook - Classic Ribbon:
- If you're still unsure your message is genuine, raise a support ticket with the email date, subject & sender's address and the IT Team will check.