Spams, Phishing, and Email Security

Why report suspicious emails?

Reporting suspicious emails isn’t just about cleaning your inbox—it’s a critical security action. Here is why using the Report Message tool in Outlook matters:

Top reasons why you should report suspicious emails in Outlook

• Trains the Filters: Reporting feeds Microsoft’s AI, helping it recognize and block similar “zero-day” attacks for you and millions of others in the future.
• Alerts Your IT Team: In a corporate setting, reporting a message allows security teams to use Microsoft Defender to “claw back” and delete the threat from all employee inboxes simultaneously.
• Exposes Spoofing: It helps identify attackers who impersonate trusted brands or colleagues, effectively neutralizing scams that rely on stolen “sender authority.”
• Stops the Breach: Most cyberattacks begin with a single click. Reporting moves you from passive avoidance to active defense, protecting your company’s data and financial assets.
• The Golden Rule: Don’t just delete it—report it. This ensures the threat is analyzed and permanently blocked.

How to report suspicious emails in Outlook?

To report a threat effectively, use the Report Message add-in or the built-in Outlook tools. This flags the email for both Microsoft and your IT department.

How to Report in 3 Steps

1. Select the Email: Click once to highlight the suspicious message (do not click any links inside).
2. Locate the Report Button:

• Desktop App: Look for the Report Message or Junk icon on the “Home” ribbon.
  

  

• Outlook Web / New Outlook: Click the … (More actions) menu in the top right of the message header or look for the Report button in the top toolbar.
  

  

• Mobile App: Tap the … at the bottom of the message and select Report Junk.
  

  

4. Choose “Phishing”: Always select Phishing (rather than just Junk) for emails that appear to be scams or are asking for credentials. This triggers a higher-level security review by the Microsoft Security Team.