You receive suspicious emails on a very regular basis. Reporting these emails is a valuable contribution to preventing others from falling victim and putting the RIC community at risk. By reporting these emails, Information Technology Services (ITS) is able to assess the risk and act promptly.
To make reporting quicker and easier, we have made the Outlook PhishHook Add-In available to all Office 365 users. The Add-In will automatically show in any current Outlook version:
- Outlook for Web Access
- Outlook for Windows
- Outlook for Mac OSX
- Outlook for Mobile (iPhone & Android)
Accessing the PhishHook Add-In differs in each Outlook versions, but the it works the same.
Reporting a suspicious email
- Click on the PhishHook icon to open the reporting dialog.
- Use the text box under "Please write why this might be a phishing attempt" to provide ITS with the reason why you are reporting this. This is optional.
- Click the "Send Report to Admin" button
- In the dialog you see the confirmation that the email has been submitted
- The dialog window will close automatically. If this is not the case, click the "Close" button
- The reported email is permanently deleted from your Inbox.
Note: PhishHook allows ITS to review the suspicious email in the identical form as you received it.
Locating the PhishHook Add-In
Outlook Desktop client (Windows and Mac OSX)
The Add-In will show in the Ribbon as soon as you select an email
Outlook Web Access (any browser)
When you select an email in Outlook Web Access the PhishHook icon will show in the Viewer window to the right of the Sender/Recipient fields
Outlook App for Mobile devices
After you open an email, click on the ellipses (...) to open the menu
-
On the iPhone, the PhishHook icon shows at the top of the menu
-
On the Android, the icon shows at the bottom of the menu
Frequently Asked Questions
Am I required to use PhishHook to report suspicious emails?
No, you can also report suspicious email by sending the suspicious email to reportspam@infosec.ric.edu or reportspam@ric.edu. We would prefer you send the suspicious email as an attachment in an email (if you are using Microsoft Outlook Desktop Client use Ctrl + Alt + F) . If that is not possible you can also forward it to one of these two email addresses.
Do I get a response after reporting a suspicious email?
Your report of a suspicious email is important to Information Technology Services (ITS). After we have reviewed your reported email we will provide you our findings.
Can I remove the PhishHook Add-In?
Yes, you can use the Add-In Manager to disable or remove PhishHook. However, we encourage you to keep reporting suspicious emails.
Why does ITS want to know why I think this email is suspicious?
ITS reviews and analysis reported suspicious emails and every additional information that you can provide us regarding this email will help us with the analysis and assessment of the risk this email may pose for the RIC community
Is the PhishHook Add-In created by Microsoft?
No, the Add-In is developed by a company named Inspired Learning. This company is specialized in developing and offering Information Security Awareness training