IT Services is proud to announce the launch of a new reporting process for phishing emails. If you are an employee, you will be able to use our new PhishAlarm button. If you are not, you can forward emails to firstname.lastname@example.org, our new email address for everything cybersecurity related.
Reporting a malicious email as an employee
If you have taken a look at your Gmail side panel, you may have noticed this .
If you don’t see your side panel, click the arrow in the bottom right hand of your screen.
Previously if you found an email that you thought was dangerous to your colleagues or you weren’t sure if it was legitimate, you had to click the Forward button and then type in email@example.com in the To field. Now we have a handy button.
To report a malicious email using the PhishAlarm button
- Open the email
- Click the PhishAlarm button in the side panel.
- Click Report Phish. A confirmation pane appears.
- Click the X to close the confirmation pane.
Not only is the PhishAlarm button super easy to use, it sends the cybersecurity team more information about the email making it easier to investigate. It’s a win for everyone!
While we won’t be ignoring emails sent to firstname.lastname@example.org, we are encouraging employees with phishing email concerns to use the PhishAlarm button. If you click the button and see a popup displaying something that looks like this:
You are not registered as an authorized user. If you are an employee, completing a registration form will rectify the problem. If you are not, you are unable to use the PhishAlarm button and will have to forward suspicious emails the old fashioned way.
Reporting a malicious email if you are not an employee
Unfortunately, we are unable to offer the functionality of the PhishAlarm button to those who aren’t employees. You will still see the PhishAlarm button, but if you try to use it you will get an unauthorized user notification.
The good news is, we have created a new email for reporting cybersecurity incidents, email@example.com. This new email will make it easier for the cybersecurity team to identify which reported emails are a priority and to respond quickly. While we won’t be ignoring emails sent to firstname.lastname@example.org, we are encouraging people to use email@example.com going forward.