Esevel - how to report phishing emails outlook

Step-by-Step Guide to Report Phishing Emails in Outlook

Today, email remains one of the most prominent means of professional correspondence. However, with this convenience comes a growing concern: phishing emails. These deceptive messages are designed to trick recipients into revealing personal information or engaging in harmful actions. 

In this comprehensive guide, we’ll explore how to protect yourself and your organization by reporting phishing emails in Microsoft Outlook.

Recognizing phishing emails

Before delving into the process of reporting phishing emails in Outlook, it’s crucial to understand how to recognize these deceptive messages. Phishing emails often come disguised as legitimate communication, making them tricky to spot. However, there are several common signs to watch out for:

  1. Suspicious sender addresses: Pay close attention to the sender’s email address. phishing emails often use email addresses that resemble those of reputable organizations but contain subtle misspellings or unusual domain names.
  2. Urgent or threatening language: Phishers often use a sense of urgency or threats to push recipients to take action. Be cautious if an email pressures you to act quickly or threatens negative consequences.


Immediate action required! Your account will be locked in 24 hours if you don’t verify your information now.”

Your bank account has been compromised. Click this link within the next 2 hours to prevent unauthorized transactions or your funds will be frozen.”

Congratulations! You’ve won a free vacation. Claim your prize by clicking the link within the next 30 minutes, or your opportunity will be forfeited.”

  1. Unusual requests or offers: Phishing emails may contain requests for sensitive information, such as passwords, credit card details, or social security numbers. they may also offer enticing deals or prizes to lure you in.
  2. Unfamiliar links and attachments: Hover your mouse over any button click or link without clicking them to check if the URLs match the destination. Be cautious of unexpected attachments, as they may contain malware.
  3. Poor grammar and spelling: Phishing emails often contain grammatical errors and spelling mistakes. These can be subtle, so it’s essential to review emails carefully.

By learning to recognize these common phishing signs, you can reduce the risk of falling for phishing scams. However, if you do receive a suspicious email in your Outlook inbox, it’s crucial to report it promptly to protect yourself and others.

How to report phishing emails in Outlook

Now that you’ve spotted a phishing emails, it’s time to take action and report them. Reporting phishing emails in Microsoft Outlook is a straightforward process that can help protect both your personal information and the broader online community. 

Follow these steps to report a phishing email:

Step 1: Opening the suspicious email

Begin by launching Microsoft Outlook and navigating to the reading pane.

  • Launching Outlook: If you’re not already in Outlook, open the application.
  • Selecting the email: Locate the suspicious email in your inbox or message list. It’s essential not to open the email, as this could potentially execute harmful code or reveal your presence to the sender.

Step 2: Reporting the email

Once you’ve identified the phishing email, it’s time to report it to Microsoft. Follow these steps to initiate the reporting process:

Esevel - Reporting the smishing Outlook email
  • Locating and clicking the “Report” button: With the suspicious email selected, look for the “Report” button or option in the Outlook interface. The location of this option may vary slightly depending on your version of Outlook, but it’s typically found in the vertical ellipses (or ⋮) drop-down. 
  • Choosing “phishing” as the report category: After navigating to the report menu, a sub-menu or dialog box will appear. Select the category that best describes the email. In this case, choose “Phishing” to report the email as a potential phishing attempt.

Step 3: Confirming the report

Once you’ve selected “Phishing” as the report category, you’ll need to confirm and submit your report. Follow these final steps:

  • Reviewing the report details: Take a moment to review the report details. Ensure that the email you’re reporting matches your suspicion of a phishing attempt.
  • Clicking “Submit” to report the phishing email: After verifying the report details, click the “Okay” or “Report” button to notify Microsoft of the suspicious email. This action will trigger an investigation and may help protect others from falling victim to the same phishing attempt.

Reporting phishing emails not only protects your personal information but also contributes to the collective effort to thwart cybercriminals.

Reporting phishing emails on Outlook mobile

If you primarily use the Outlook app on your mobile device, you can also report phishing emails on the go. Here’s how to do it:

Step 1: Opening the Outlook App

Start by launching the Outlook app on your mobile device. Navigate to your inbox, where you’ve received the suspicious email.

Step 2: Selecting the suspicious email

Tap the suspicious email to open it. Remember not to click any links or download attachments within the email before reporting it.

Step 3: Tapping the “Report” option

Within the email interface, look for the vertical ellipses (or ⋮) drop-down. This option is usually represented by an icon or menu item, and it’s designed to allow you to report emails that appear suspicious or malicious.

Step 4: Selecting report junk

After tapping the menu option, a menu or dialog box will typically appear, find the “report junk” option and then select “Phishing alert”

Esevel - Selecting report junk

Step 5: Submit the report

Once you’ve reviewed the report details and confirmed your suspicion, go ahead and submit the report. Your action will trigger an investigation by Microsoft, helping to protect others from potential harm.

What happens after reporting?

Congratulations, you’ve taken a significant step in the battle against cyber threats by reporting junk phishing emails in Outlook. But what happens next? Your action triggers a chain of events that contribute to the overall cybersecurity ecosystem:

  1. Email analysis: When you report a phishing email, Microsoft’s security systems swing into action. The reported email undergoes analysis, during which its content, links, and attachments are scrutinized to identify patterns and potential threats.
  2. Pattern recognition: The data gathered from reported phishing emails helps Microsoft’s security teams recognize patterns and trends in cyberattacks. This enables them to develop more effective security measures and update their threat detection algorithms.
  3. Protection for others: Your report doesn’t just protect you; it shields others as well. Microsoft uses the information from your report to improve its filtering and security systems. This means that your vigilance benefits the entire Outlook user community, reducing the likelihood that others will fall victim to similar phishing attempts.
  4. Learning and adaptation: Cybercriminals are constantly evolving their tactics. Reporting phishing emails provides crucial data that helps Microsoft stay ahead of cybercriminals. The insights gained from your reports are used to fine-tune security protocols, making it harder for phishing scams to succeed.
  5. Potential follow-up: In some cases, Microsoft may take additional action based on your report. If the reported email is part of a larger phishing campaign, your report could help authorities and security experts track down and shut down the culprits.

Enhancing your remote team security further

  • Education: Keep your team informed about the latest phishing techniques and cybersecurity best practices.
  • Regularly update official knowledge on recognizing new threats by signing up for our newsletter.
  • Strong passwords: Use strong, unique passwords for your online accounts, and consider using a reputable password manager to keep them secure.
  • Multi-Factor Authentication (MFA): Enable MFA wherever possible. This adds an extra layer of security by requiring you to verify your identity through a secondary method.
  • IT security software: Install reputable antivirus, anti-malware software, or endpoint security solutions on your company devices to provide an extra layer of protection against threats.
  • Verify emails: If you receive an unexpected email requesting sensitive information or action, independently verify its authenticity by contacting the organization directly through official channels.

Demo Title

Demo Description

Introducing your First Popup.
Customize text and design to perfectly suit your needs and preferences.

This will close in 20 seconds