How to spot and report phishing emails
Someone ruining your day with an email is unsettling. Phishing emails are among themany ways attackers steal your informationonline. Though harmless at first glance, they open a virtual doorway to your credit card details, account passwords, and other personal information. In extreme cases, they infiltrate yourmobile phonesand computers when you download attachments. There’s no easy way to catch the culprit or make them pay, but you can report them.
Telling on a phisher seems pointless, but it’s worth the effort. For one, your email provider blocks similar messages in the future. Also, anti-phishing groups can identify malicious patterns and make informed decisions to protect the online community. If you’ve fallen prey to a phishing email, here’s how to blow the whistle on them. And if you haven’t had this happen to you yet, you’ll be prepared.
What happens when you report phishing emails?
The outcome of a phishing email report depends on who you filed it to. Email providers use the information to filter future messages and stop them from entering your inbox. They’re the fastest solution since popular providers have built-in buttons on their apps.
Typically, Gmail flags any email suspected as a phishing attempt. You’ll see a warning sign indicating it’s dangerous, with options to report or mark it as safe. Sometimes, the email appears in the Spam folder, so you won’t know about it. When you report it, Gmail keeps a copy to improve its spam detection services. If you accidentally mark an email as phishing content, you can undo it.
Microsoft Outlook moves the email to the Deletedfolder after reporting it. It doesn’t stop the attacker from trying again, so you should block them first. You can also report phishing emails to anti-phishing agencies like the Federal Trade Commission (FTC) and the Federal Bureau of Investigation’s (FBI) complaint center. The FTC may not do much about your case, but your reports help them monitor online fraud patterns. On the other hand, the FBI investigates reports and, in some cases, recovers lost funds due to phishing attempts. The sooner you make the report, the faster they can respond and take action.
How to report phishing emails in Gmail
Sometimes, well-written phishing emails escape Gmail’s detection system. It’s up to you to report them and trigger filtration. Then, Google will watch for similar emails and block them from getting to you. On identification, it moves them to the Spamfolder, where you can delete them permanently.
You can’t report phishing emails on the mobile app, but you canmark them as spam. Although the concepts aren’t the same, the second option is worth trying if you get repeated phishing emails. Here’s how to report phishing emails on Gmail:
How to report phishing emails in Outlook
Outlook has an email filter that protects you from spam. Unlike Gmail, you don’t get a visible red warning sign. Instead, it indicates that the sender is unverified. When you report emails on the Outlook mobile app, they move to the Deletedfolder, where it’s possible to recover them. On the web version, Outlook deletes them permanently. It’s important that you block the sender before reporting them. Otherwise, they can still send you emails. Follow the steps below to get started.
Report phishing emails on the Outlook mobile app
How to block phishing emails on Outlook from browsers
Outlook moves every blocked email sender to the Deletedfolder. Afterward, you can report them as phishing content, and Outlook deletes them permanently.
Report phishing emails on Outlook from browsers
How to report phishing emails to law enforcement and regulatory agencies
Law enforcement is often unhelpful with phishing reports. While they won’t go after your attacker, the report helps them monitor online patterns and spread awareness about cybercrime. Some agencies recover lost funds when possible.
On a global scale, forward phishing emails and details of the encounter to the Anti-Phishing Working Group atreportphishing@apwg.org. The APWG collects and compiles phishing data and then uses it to counter cybercrime. Preferably, send them the phishing email as an attachment so that they have all the context. It’ll give them enough information to monitor attackers and take the right actions.
In the United States, file a phishing complaint on the FTC’sfraud report web page. The FBI also has an online complaint form you can use. To access it, visit theirInternet Crime Complaint Center(IC3) and click Business Email Compromise.
If you’re in the U.K., send your report to the National Cyber Security Center viareport@phishing.gov.uk. For Canadians, the Canada Anti-Fraud Centre handles phishing and fraud reports. Call them at 1-888-495-8501 or use the Royal Canadian Mounted Police’sonline reporting tool.
How to report phishing emails impersonating a business
Besides stealing your information, attackers defame businesses when they send phishing emails. If you receive a suspicious email claiming to be from Amazon, you’re less likely to trust the real company in the future. It’s worth reporting the activity to protect the business’s reputation.
Websites that attackers commonly impersonate in phishing schemes include Amazon, Dropbox, Google, Microsoft (and any of its Office services), PayPal, and banks. Each company lets consumers contact them to report fraudulent activity via email.
Report phishing emails to Amazon
Amazon has a web page where you can submit a form toreport phishing. You need to log in to your account to fill in the form. An alternative solution is to forward the email tostop-spoofing@amazon.com.
Report phishing emails to Dropbox
Dropbox prefers that you forward suspicious emails and links toabuse@dropbox.com. Also, compose a short description of how you received and responded to the email. It helps them understand your situation clearly and act on it.
Report phishing emails to Microsoft
Attackers impersonating Microsoft emails offer upgraded services or technical support. If it has happened to you, forward the email as an attachment tophish@office365.microsoft.com. You can also use the submission portal in Microsoft 365 Defender, although you need to be an admin to submit an issue.
Report phishing activity to Google
Google only allows you to report phishing attempts if they happened within a product or service. A good example is reporting suspicious emails in Gmail. In Docs or Drive, you can report files third parties share with you via the mobile app or web version. If Google finds them guilty of violating its policies, the company restricts your access to it and that of the owner, stops the owner from using Google products, or deletes their account.
On the Docs or Drive mobile apps, tap thethree-dot iconbeside any suspicious file. Then tapReport. SelectSpam or fraud, then tapReportfor confirmation. This process also works the same on the Drive web app.
On the Docs web version, open a document. Go toHelp>Report abuse. SelectPhishing, then scroll down and clickSubmit report.
Report phishing to PayPal
PayPal is one platform to be careful with since it involves money. Sometimes, you may receive emails telling you that there’s a problem with your account. You’re expected to click the provided link and verify personal details, which is a trick to steal your data and funds. To report such emails, forward them tophishing@paypal.comwithout altering the subject line. PayPal advises that you also delete the email from your inbox afterward.
Report phishing to your local bank
Reporting phishing attempts to your local bank depends on the bank. Generally, they have a security line to call and request information or report fraud. Your first step should be calling your bank and following their instructions. Alternatively, call a credit reporting agency to place a fraud alert on your file. It should stop phishers from creating new accounts with your identity.
Stay safe out there
Despite the increasing awareness of cybercrime, there are still many phishing victims. You should always be aware of the internet’s dangerous sides when you browse it. Steps you may take to protect yourself include reading emails carefully. Discovering that one blunder or grammar error is what stands between you and your data or funds. But it’s not too late if youaccidentally clicked a phishing link. Quickly scan your device for malware and back up your files. You also want to update passwords so that unauthorized access to accounts fails.
The note-taking app I should have used all along
Broader branding hints at wider paid-tier ambitions
I played the opening mission of The Outer Worlds 2 and really enjoyed what I experienced
Tablets and accessories are also on sale
What’s new? A lot
Breaking language barriers, one feed at a time
