Report suspicious emails with Phish Alert
Learn how to identify and report phishing emails to ensure sensitive information stays safe.
What is phishing and how to spot it
Phishing is a deceptive practice where cybercriminals attempt to steal sensitive information like usernames, passwords, personal details, and financial data by pretending to be a trustworthy entity. This is often done through bulk or targeted emails designed to trick recipients into divulging confidential information. Among various tactics, email remains one of the most common methods used by attackers to execute phishing schemes.
Typically, there are common red flags that help spot “the hooks” in phishing-related emails:
- Grammatical and sentence structure errors.
- Unrecognized or unrequested attachments, files, links, etc.
- Unrecognized email domains or links that don’t match the sending company’s domain.
- Requests for personal information from you or someone else, often masquerading as a person of authority in the company.
- Messages that make you panic, or create a false sense of urgency.
Learn more about common phishing tactics and how to thwart them ↗️
How to report suspected phishing emails
Reporting suspicious emails plays a crucial role in keeping our organization secure. When you flag potential phishing attempts, these emails are sent to our Information Security team for thorough analysis. This process not only helps us identify phishing attacks that manage to reach employees’ inboxes but also enhances our overall security posture.
On your computer
- Log in to your Gmail account on your web browser.
- Open the email that you would like to report.
- Open the add-on menu on the right side of your Google inbox and click the phish hook icon to open the PAB add-on.
- Click the blue Phish Alert button to report the email.
- Once the confirmation message appears, click the back arrow to go back to your inbox. The reported email will be moved to the Trash folder.
Note: If you're viewing an email in split pane mode, the back arrow is not available. You can change your Gmail inbox settings to make the back arrow visible. You can also click Inbox or your browser's back arrow to go back to your inbox.
If you are missing the plugin in a web browser:
- Click the "Show side panel" Option on the bottom right corner of gmail
- This should show all your gmail add-ons
On your mobile device
- Log in to the Gmail app on your mobile device.
- Open the email that you would like to report.
- Scroll to the bottom of the screen and locate the available add-ons section.
- From the add-ons section, click the phish hook icon and scroll down to the bottom of the screen to access the PAB.
- Click the blue Report This Suspicious Email button to report the email.
- If enabled, you will see a confirmation message and the email will be moved to your Trash folder.
- Click the back arrow to return to your inbox.
By understanding the types of phishing emails that bypass our defenses, we can pinpoint vulnerabilities and implement stronger protections. If further action is necessary after you report an email, the Information Security team will contact you directly to provide guidance.
Remember, security is a collective responsibility, and your vigilance is a key component in safeguarding our organization from cyber threats. By staying alert and reporting suspicious emails, you contribute significantly to our defense against cyber-attacks. Thank you for being an essential part of our security efforts!