Report unwanted and malicious emails

What types of emails should be reported to IT?

IT Security appreciates reports from employees about emails with malicious or suspicious intent. Emails that appear to be scams, phishes, spoofs, contain unexpected attachments, or unsolicited (spam) are what IT would deem as malicious or suspicious.

How should malicious or suspicious emails be reported?

As spam is the most common category of emails that get reported, it would be best to have users report spam only if they are not able to block it on their own. Gmail has a spam button (looks like a stop sign with an exclamation point) to send emails to spam. IT receives reports when a significant number of spam emails get reported in this manner.

For any suspicious or malicious emails, please use the PhishAlarm tool in Gmail to report all other emails. This tool will automatically analyze the email and take action, if necessary. After analysis, a follow up email will be returned with information about what steps need to be taken, if any.

The PhishAlarm tool alerts IT Security if more action needs to be taken, so it is the preferred method of reporting. If you do not receive responses after reporting through PhishAlarm after a short period of time, please inform IT Security by emailing

How do I use the PhishAlarm tool?

PhishAlarm is available in your Gmail side panel (see image below). If you are having trouble finding the icon, your Gmail side panel may be hidden.To unhide the side panel, in the bottom right-hand corner of Gmail, you should see a left-pointing arrow.  Click on the arrow to show your side panel.

Gmail side panel

On a mobile device, you must be using the official Gmail app for the PhishAlarm icon to appear. It can be found at the bottom (as shown in the graphic below) of any email once you open it.

Gmail add-ons bar in mobile application

To report a phish, simply click the PhishAlarm icon from within the email that you want to report. A prompt will appear asking you to verify the information. If everything looks correct, click the "Report Phish" link as shown in the graphic below.


Related Articles: