OVERVIEW
Target audience: entire McGill community
It is important to report suspicious messages received in your McGill Outlook inbox, via SMS or Teams so that our staff can determine if there is a real threat to the McGill community, take actions to reduce the risks, such as deleting the message from our email servers and blocking malicious web addresses.
In this article:
IMPORTANT:
Please contact the IT Service Desk immediately by calling 514-398-3398 if you have interacted with a suspicious email received in your McGill Inbox in any of the following ways:
- Entered or provided your McGill credentials after clicking a link, scanning a QR code, or replying to the sender by call, SMS or other form of direct message.
- Downloaded or opened a file.
If you cannot call the IT Service Desk immediately, change your McGill Password right away and then check to see that no new 2FA methods have been registered for you.
See What is my McGill Username and how do I change my McGill Password? and Two-factor authentication (2FA) and Self-Service Password Reset (SSPR) articles for instructions.
Did you know:
We post "Phishing scam" announcements on the IT Services website when there are phishing scams targeting a sizable portion of the McGill community?
What to do when you spot a suspicious email
You can quickly report a suspicious email by using the Report Junk or Report Phishing buttons in any Outlook app.
If you don’t have Outlook installed on your device, you can always report suspicious messages from Outlook on the web.
Note: If the email is already in your Junk Email folder, you do not need to report it.
What happens when you report a suspicious email?
When you report a suspicious email, it’s immediately removed from your Inbox and flagged for review. If a threat is found, our teams will act to protect our community from the threat.
We’ve enabled a feature from Microsoft that automatically sends you a confirmation email if a threat (like phishing or malware) is detected in an email you reported. The confirmation includes:
- The subject line of the reported email.
- A reminder of key actions you can take when you encounter suspicious emails.
These emails do not contain any links or contact details, they just reference trustworthy McGill resources you can easily find, like this article.
To reduce unnecessary notifications, we won’t send confirmations for emails that are classified as Junk. In the future, we hope to expand this feature to include confirmations for reported emails when no threat is found.
You can’t opt-out of these confirmations, but if you prefer not to receive them, you can create an inbox rule to automatically delete them.
Report a suspicious email in Outlook
While viewing a message in Outlook, you can choose to report it as Junk, Phishing or Not Junk. You can also select and report multiple messages at once!
- When you choose Junk, the message is reported, then moved to your Junk Email folder. Please use the Report junk option to report spam and other junk mail that you don’t think is malicious, such as
- attempts to market goods and services,
- non-McGill newsletters that you never signed up for,
- “conference” invitations that attempt to acquire leads for business purposes, etc.
- When you choose Phishing, the message is reported, then moved to your Deleted Items folder.
- If you find a legitimate email in your Junk Email folder, click on Not Junk to move it to your Inbox. This also helps our email filtering system improve.
Depending on the version of Outlook you use, the report buttons may be in a slightly different location, but the experience will be the same.
Windows or macOS
iOS or Android
The Report buttons are available in Outlook for iOS version 4.2511 or later and Outlook for Android version 4.2446 or later.
Depending on the version of your Outlook app, the report buttons and the More options (…) menu may be in a slightly different location or order, but the experience will be the same.
To report a message:
- Open the message and tap the three dots (...) to access the More options menu.
- Tap Report Junk or Report Phishing. (Note: in some versions of the app, you may need to click on Report Junk to see the Report Phishing option).
Examples of the report buttons in Outlook mobile apps:
| iOS | Android |
Customize the placement of the Report button in Outlook
If you find yourself accidentally clicking on the Report Phishing button or would like to change where it appears in the ribbon or context menus, Outlook lets you change the location, courtesy of the “Customize the Ribbon” menus.
- Customize your toolbar in Outlook for Mac
- Customize the ribbon in Office
- Customize your email actions toolbar in Outlook for Android and iOS
Recover emails you accidentally reported
When you use the Report Junk button, emails are moved to your Junk Email folder.
When you use the Report Phishing button, emails are deleted.
In both cases, there can be a slight delay before the email is moved. If you accidentally report a legitimate email and need to restore it, the articles listed below provide instructions:
- Restore items from your Deleted Items or Junk Email folders in new Outlook
- Recover items from your Deleted Items or Junk Email folders in classic Outlook
- Recover items from your Deleted Items or Junk Email folders in Outlook.com and Outlook on the web
If you cannot restore the email, we recommend asking the sender to resend it, after first checking to confirm that you haven’t blocked the sender in Outlook.
Report phishing through Microsoft Teams
If you receive a suspicious message through the Microsoft Teams desktop or web app:
- Click the message and select Report this message.
- Review your selection, then select Report.
- You'll receive a message confirming your report was sent.
When you report a Teams message, it is flagged as a security risk, and our system administrators will be alerted so they can review it and take action to protect our community.
Report phishing received through text message (SMS), phone call, or other non-email methods
While most phishing attacks happen through email, attackers use other techniques to entrap victims. If you experience phishing through the methods listed below, please report it through this form, providing as much information as you can, including time, date, and screenshots if available.
- You receive a suspicious phone call AND provide personal or confidential information, including your McGill password and 2FA credentials, to the caller.
- You receive AND interact with a suspicious text (SMS) on your McGill work phone.
- You spot a poster or other physical media on campus with a malicious link or QR code.
- You spot or interact with a malicious link in an official post on McGill social media.
ADDITIONAL REFERENCES: