Report a Suspicious Email with PhishAlarm
This article covers how faculty, staff, and students can report a suspicious email using PhishAlarm in Outlook.
PhishAlarm is a tool that allows you to report a suspicious email with the click of a button in Outlook. The CSUF Information Security Office team will then be able to review the email to verify if it is a phishing email.
For more about how to spot a phishing email, view What is Spear Phishing and How do I Spot a Phishing Attack?
How do I report a suspicious email?
1. Click on the Report Suspicious button at the top of the email.
2. The PhishAlarm webpage will open in your default web browser. Click Report As Suspicious.
Remember to use this feature for suspicious emails, not regular spam messages.
3. After a moment, you will see a confirmation that your report has been sent. You can close this tab/window.
4. Return to the email message and close it. The email will automatically be removed from your account within a few minutes, but will be returned to your account if it is determined to be safe.
1. Click on the Report Suspicious button at the top of the email.
2. The PhishAlarm webpage will open in your default web browser. Click Report As Suspicious.
Remember to use this feature for suspicious emails, not regular spam messages.
3. After a moment, you will see a confirmation that your report has been sent. You can close this tab/window.
4. Return to the email message and close it. The email will automatically be removed from your account within a few minutes, but will be returned to your account if it is determined to be safe.
1. Click on the Report Suspicious button at the top of the email.
2. The PhishAlarm webpage will open in your default web browser. Click Report As Suspicious.
Remember to use this feature for suspicious emails, not regular spam messages.
3. After a moment, you will see a confirmation that your report has been sent. You can close the tab or the web browser.
4. Return to the email message and close it. The email will automatically be removed from your account within a few minutes, but will be returned to your account if it is determined to be safe.
1. Click on the Report Suspicious button at the top of the email.
2. The PhishAlarm webpage will open in your default web browser. Click Report As Suspicious.
Remember to use this feature for suspicious emails, not regular spam messages.
3. After a moment, you will see a confirmation that your report has been sent. You can close the tab or the web browser.
4. Return to the email message and close it. The email will automatically be removed from your account within a few minutes, but will be returned to your account if it is determined to be safe.
What happens after I report an email?
The email will be removed from your account and reviewed by the Proofpoint automated threat analysis. You will receive an email update, usually on the same day, indicating the initial assessment (e.g., suspicious, low risk, etc.) by the automated threat analysis.
If the email is marked as suspicious, it will be reviewed in more detail by the Information Security Office. Once their review is complete, you will receive an email indicating the outcome (e.g., the message was a phishing email, the email was valid, etc.).
If the email is marked as low risk, it will be sent back to your account in the Junk Email folder and you can retrieve it or delete it from there.
Need More Help?
Faculty/staff can contact the IT Help Desk at [email protected] or 657-278-7777 for additional assistance.
Students can contact the Student IT Help Desk at [email protected] or 657-278-8888 for additional assistance.
Additional Resources
To learn more about phishing, view the chapter on Spear Phishing.
For more resources, view the Spear Phishing Help & Resources article.