Skip to content Skip to site navigation

How do I report a suspected phishing email scam?

Use the built-in Phish Reporter Button to sound the alert and help others
Monday, March 13, 2023

When you report a suspected phishing email scam, you help sound the alert and keep others safe. 

Once the email is flagged, Stanford University’s Information Security Office (ISO) can evaluate the threat. This also allows ISO to quickly take action to protect others on the Stanford network, including technical steps and communications efforts to alert the proper communities.

Let’s look at the two main ways you can report suspected phishing.

1: Use the Phish Reporter Button

For Outlook users, the fastest and easiest way to report a suspected phishing attempt is to use the built-in Phish Reporter Button. 

Report Phish button

Note: The button says "Report Phish" in the Outlook desktop client, but “Report Phishing” in the Outlook web app (OWA) and mobile app.

Follow these instructions on how to use the button. Instructions include using the button in your Outlook desktop application (installed), Outlook web app, and Outlook mobile app.

Don't see the Phish Reporter Button in your OWA? Follow these instructions to add it.

Note about the Phishing Awareness Program at Stanford: We recently started the process of switching to a new Phishing Awareness Program vendor.  The main visible change for end users is that the Phish Reporter Button is different and the message pop-up when a phish is reported will have "Stanford | University IT" branding.

Before and after images side-by-side of Phish Reporter Button

Once you click the Phish Reporter Button, you'll see a message thanking you for reporting. 

Message from Stanford University IT after reporting a phish: Thank you for reporting this email as a suspected spam or phishing message. Analyzing these messages help us better protect the Stanford community. Please note that an individual reply may not be given due to the volume of reports received on a daily basis.

If the message was sent as part of the Phishing Awareness Program (applicable for staff and faculty only), the message you see will confirm it was a training email.

Message from Stanford University IT after reporting a phish that was simulated: This was a simulated phishing email sent as part of Stanford’s Phishing Awareness Program. Congratulations on successfully identifying and reporting it to us! No further action is necessary.

2: Forward the email to phishing@stanford.edu

Another option is to forward a suspected phishing or spam message to the email address phishing@stanford.edu to be evaluated.

If a member of ISO reaches out to you about a report, you may be asked to forward the suspicious email again as an attachment. Get instructions at uit.stanford.edu/phishing/forwardphishing.

If you report by forwarding the message, you will receive an auto-reply message as confirmation that the message sent successfully. You might not receive any additional response, but you can be assured that ISO will evaluate the threat and take necessary steps. 

Let’s do this

Now that you know how and why to report suspected phishing emails, you’re prepared to use your skills for good! We can all help each other with this simple step.

Learn more

Share Feedback

DISCLAIMER: UIT News is accurate on the publication date. We do not update information in past news items. We do make every effort to keep our service information pages up-to-date. Please search our service pages at uit.stanford.edu/search.