Introduction


When a malicious or suspicious email is identified, you should follow the instructions below to the submit the email to the security team using a tool called PhishNotify. You should never forward a potentially malicious email as it carries risks of others inadvertently clicking on harmful links or attachments. If you want to check with a coworker about the validity of an email, send a screenshot of the email instead of forwarding it.


PhishNotify is available in the desktop and web-based versions of Outlook (not supported on the Outlook mobile app). In addition to submitting malicious emails to the security team, PhishNotify also works alongside phishing simulation emails, notifying you if an email you report is indeed a simulation or not.


Unwanted spam emails that do not appear to be malicious in nature should be dealt with using the Block Sender option as described in the "Allow or Block Sender" section below.

Reporting Emails from the Outlook Desktop Application

To submit an email to your security team:

  1. Click the PhishNotify button from your Outlook ribbon.


  2. Click the blue Move to Deleted Items button to confirm the submission of the email or click the X icon to cancel the submission.

Reporting Emails in Outlook Web Application (OWA)

To submit an email to your security team:

  1. Tap the three dot menu in the upper right corner of the message.
  2. Click the PhishNotify add-in. It may appear either under the three dots (More actions) as shown in the first screenshot, or in the four-box icon (Apps) to the left of the three dots as shown in the second screenshot.

    More actions > PhishNotify


    Apps > PhishNotify
  3. Click the blue Move to Deleted Items button to confirm the submission of the email or click the X icon to cancel the submission.


Allow or Block Sender

If you want to allow or stop receiving emails from a specific sender, click on the message, then:

  • Click Junk on the ribbon > click either Never Block Sender or Block Sender, or
  • Right-click on the message > Junk > click either Never Block Sender or Block Sender

 **Note: Never Block Sender’s Domain does not work**

Option 1

Option 2