External IT Knowledge - How to Report Suspected Phishing Emails

Phishing attacks are malicious emails which attempt to trick you into clicking malicious links, interacting with malware, or sending your credentials to bad actors. The University of Toronto employs advanced threat protections to prevent malicious emails from reaching your inbox; however, phishing attacks can occasionally evade these safeguards.

If you receive a suspicious-looking email, please report it immediately. Your report helps keep the University safe.

There are two methods for reporting phishing emails at UofT:

UofT Report Phishing button: If you use Microsoft Outlook, look for the "UofT Report Phishing" button within the email interface and click it to report the email.

A blue envelope with a red triangle and a red triangle on itDescription automatically generated

Forward the email: This method is for people who don't use Outlook. Forward the suspicious email to report.phishing@utoronto.ca.

How to use the UofT Report Phishing button

Outlook Web Access (OWA)

In the online mail.utoronto.ca portal, you can report suspected phishing emails automatically.

Select the email message. (Do not click on any links or attachments.)
Click the "UofT Report Phishing" button, in the top right corner of the email.
Select the reason you are reporting the suspicious message.
Indicate whether you have interacted with the suspicious message.
Select “Report Email”.
Select “Close and Delete” to delete the suspicious message after reporting it.

Outlook desktop application

In Outlook, you can report the message and it is deleted automatically.

Select the email message. (Do not click on any links or attachments.)
Click the "UofT Report Phishing" button, in the "Add-ins" pane of the top ribbon. The Report Phishing button may also appear in the top right corner of the email.
Select the reason you are reporting the suspicious message.
Indicate whether you have interacted with the suspicious message.
Select “Report Email”.
Select “Close and Delete” to delete the suspicious message after reporting it.

Outlook on mobile

Open the Outlook application on your mobile device.
Tap on the three dots (…) on the top right corner of the message.
Select the “UofT Report Phishing” icon.
Select the reason you are reporting the suspicious message.
Indicate whether you have interacted with the suspicious message.
Select “Report Email”.
Select “Close and Delete” to delete the suspicious message after reporting it.

Example on iOS mobile:

A screenshot of a phone

Example on Android:

A screenshot of a phone

How to Report via Email Forwarding

Forward Email: Forward the suspicious email to report.phishing@utoronto.ca.
Delete Email: After forwarding, manually delete the email from your inbox to prevent further interaction with it.

Note: Shared Mailbox and UofT Report Phishing

When using a shared mailbox, the “UofT Report Phishing” button does not work.

Observations:

You will receive the following message when using the UofT Report Phishing button with an email inside a shared mailbox.

A screenshot of a computer screenDescription automatically generated

Solution:

Please forward the email to report.phishing@utoronto.ca and then delete it from your inbox.