Reporting Spam/Junk and Phishing Emails
The best practice for unsolicited or questionable emails is not to respond, forward, or click on any embedded links. Please report the suspicious email using the process below. After reporting the message, if the item is still in your mailbox, you should delete the message from your Inbox and Deleted Items. See guidance below on identifying a phishing or spam/junk email. If you are unsure of the category, please report it as phishing. Note: Due to a Microsoft limitation, Report Message is not available on shared mailboxes. To request if the email is legit, please create a ServiceNow ticket with the questionable email attached.
This process is also available in webmail via https://portal.office.com with a slightly different reporting method. To report a phishing or spam/junk email in webmail, right click on the email in the list or select the "…" option and then select "Security options". Select on "Phishing" or "Mark as junk" as shown in Figure 2.
If you accidently replied back to a phishing e-mail and provided sensitive information like your password, please change your password immediately and submit a ServiceNow ticket with the questionable email attached. If you accidently reported a legit email as phishing or junk and you would like it back in your inbox, submit a ServiceNow ticket for the Exchange Team to retrieve it. If there are further questions about this process, please contact the IT Service Desk at 703-324-HELP, option 1, TTY 711.
