How to Report Phishing Emails in Outlook

Fishy emails need to be smoked out and reporting is the way to go

Reading time icon 4 min. read


Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

Key notes

  • Most email providers have a built-in protection system that allows users to report suspicious emails.
  • Phishing reports help email providers to build their databases and beef up their security systems.
  • Stay tuned as we take you through the steps to report a potential phishing email.
ESET HOME comes with all the security tools that you may ever need to protect your data and privacy, including:
  • Anti-theft support
  • Banking-level encryption
  • Advanced digital threat protection

Phishing emails are becoming more and more common, but they don’t always stand out from email clutter. Since cybercriminals are getting creative, you also need to up your game and help your domain manager come up with better detection techniques.

The key to a spam-free inbox starts with early detection. You need to know how to spot spam emails, and only then will you be able to report the email so it can be effectively mitigated.

Why report phishing emails?

When you receive a phishing email, it can be tempting to delete it and go on about your day. However, reporting phishing emails is important because it helps other users stay vigilant as they are now aware of the looming attack.

In addition, your organization and email client can also use the reports to improve their anti-phishing detection features and identify new ones that will help block as many fake messages as possible before they reach you.

How do I report phishing in Outlook?

1. Outlook app

  1. Launch your Outlook app.
  2. Locate the suspicious message from your folders and click to open it.
  3. On the top menu, click on Junk, and in the drop-down menu, select Report as Phishing.

2. Outlook web

  1. Log into your Outlook web email.
  2. Locate the suspected email and click on it to open.
  3. Next, click on Report, and in the drop-down menu, select Report phishing.
  4. Click OK in the next dialog box and the message will be removed from your inbox.

3. Outlook mobile

  1. On your phone, launch the Outlook app.
  2. Go to your inbox or junk folder containing the spam email, tap, and hold on to the message.
  3. Tap the three ellipses on the top right and select Report junk.
  4. Next, select Phishing.
  5. Check the Remember my choice box and tap Report to finish.

How do I report phishing in Outlook without opening it? 

If you’re worried that opening an email could lead you to click on malicious links accidentally, you’ll be happy to know that this is not a prerequisite to reporting them. You can simply select the emails from your homepage, follow the steps above, or install the Report Phishing add-in.

Alternatively, you can forward the emails to the official email address for Microsoft, which deals with phishing messages.

What other ways can I report a phishing email? 

  • Share the message with your IT department or network administrator.
  • Report the email as phishing or malware to your antivirus software provider so they can update their databases with new threats.
  • Forward the message to the company or organization it claims to be from or the company hosting the website in question.
  • Use a secure third-party tool with a secure server that can assess risk and forward it to relevant parties.
  • Get in touch with the fraud protection center in your country.

With phishing attacks becoming increasingly sophisticated, knowing how to spot and report them can make the internet a safer place for everyone. And while your Outlook email does a decent job detecting some of these phishing attempts, sometimes it may fail to block junk mail.

Some emails like the renew your Microsoft 365 phishing scam or unusual account activity detected are almost believable you’ll be tempted to click on links. In such cases, a comprehensive antivirus should suffice. But not just any antivirus will do.

The last thing you need is to question whether your antivirus can detect phishing. You need to look out for its features and ensure it is always up-to-date.

Are there any avenues for reporting phishing scams we may have missed in this article? Share them with us down below in the comment section.

More about the topics: Outlook Mail

User forum

1 messages