New “report phishing” button in Outlook, Office 365 will make it easier to report security risks

Purdue had 1.5 billion emails sent its way in 2019 and approximately 1.1 billion were deemed threat messages and blocked.

Still, some malicious messages get through Purdue’s email filtering. The faster Purdue security staff can learn of those, the faster it can respond to prevent an attack or breach.

Now, reporting questionable emails will become as simple as clicking a button – allowing students, faculty and staff to more easily help combat the onslaught of malicious messages that could allow cybercriminals to access information like bank account numbers, academic and health data, and more.

On Feb. XX, ITaP will implement a new feature for the desktop and web versions of Outlook for Office 365. Users will see a message and a button at the top of all emails that will ask if they would like to report the message as phishing. Once a user reports a message, the email and all of its pertinent information will be sent to ITaP security staff for review.

Purdue asks all users to be vigilant about phishing and spam emails and to report suspicious messages.

The new button ensures that important information such as email headers will be included in the report so that ITaP can better protect users from phishing and spam emails. If an email is determined to be a phishing or spam message, the sender’s email address and links included will be blocked to prevent other users from receiving the message or giving up their credentials via a malicious link.

Users will still be able to forward emails as attachments to abuse@purdue.edu like before, but the new button makes the process easier.

The emails will also be shared with a coalition of Big Ten universities’ information technology security units known as the OmniSOC. Sharing potential phishing and spam email between the organizations brings more security experts to bear on threats and can help prevent malicious messages from ever hitting a user’s inbox when multiple universities are being targeted.

Note: This change will be available for the web and desktop versions of Outlook only.

Last updated: February 3, 2020