Report Malicious Messages in Outlook

Once your IT department has configured malicious message reporting for your organization (see Configure Malicious Message Reporting), reporting messages as malicious in Outlook will automatically send a copy of those messages to Phishing Response.

NOTE:

You cannot report messages that are in your Trash and Junk folders. Messages is in the Junk or Trash folders were likely moved there because of risky signals, either by Report Malicious Messages in Outlook or by other security controls. Be extra careful about clicking on any links and note that one security control has already taken action on it.

If you find a message in one of these folders that you want to report as phishing, first move it to a different folder.

  1. Select a message in your Inbox.
  2. Select the Report Phishing option, which will differ if you are using the installable Outlook application or Outlook in your browser, and whether you're using the old or new Outlook experience in your browser:
    • Outlook application: Click the Home tab, then click Report Message > Phishing.
    • Outlook web (old experience): Click the Report Message button () and then click Phishing.
    • Outlook web (new experience: Click the 3 dot menu (in the upper-right of the message pane), then click Report Message > Phishing.

TIP: Reporting phishing attempts will also report the message to Microsoft.