Reporting Suspicious or Phishing Email Messages

What is this service?

Information on how to report a suspicious message

Report a suspicious message in Outlook Desktop

Report a suspicious message in Webmail

Report a suspicious message in Mobile Outlook (iOS and Android)

As part of our Beauceron Cybersecurity Awareness Platform, we have a 'Report Suspicious Message' reporting button in Outlook, Webmail and the Outlook mobile app (iOS/Android). 


This feature allows users within our organization to report suspected phishes (including Beauceron simulations).


If you report a simulation, you are provided with instant feedback and given a reward which reduces your Cybersecurity risk score.
Genuine phishes (not simulated) that are reported with the button will be submitted to our Email and Security teams for evaluation and possible blocking and removal.


Feel free to report any messages that look suspicious.
Messages that look like spam should be handled by right-clicking the message and choosing one of the 'Junk' options.


The reporting button will automatically remove the message from your mailbox.
If the message is found to be legitimate, it will be returned to you.

Shared Mailboxes:

We are unable to provide the 'Report Suspicious Message' button on any shared mailboxes (the other email accounts that you may have access to).

To report a suspicious message that comes into one of those shared mailboxes, please forward the message to: phishing@nscc.ca

To Report a suspicious message in Outlook Desktop

It is usually safe to open and view an email message.
The risks are in the clicking of links, or opening of attachments, that come with the message.


While viewing a message in the desktop Outlook client, the reporting button looks like this: 

New Outlook

If you had clicked on the "Try the new Outlook" button which changes your Outlook email program into using a new interface, the 'Reporting an Email' option gets moved to a new location, similar to its location in Webmail.

When viewing the suspicious email you will see a row of icons along the top right corner of the message preview.

C​​​​lick the box that is in the top right corner of the message.

The Report Phishing button is the one with the orange animal shape.

Clicking that will bring up the Reporting Message options.

To Report a suspicious message in Webmail:

It is usually safe to open and view an email message.
The risks are in the clicking of links, or opening of attachments, that come with the message.
 

In Webmail, while viewing the message, click the box   to the left of the ellipses in the top right corner of the message.
The 'Report Message' button is in the new box that opens:

Submit the Report:
Once you've clicked the Report Message button, you may be prompted to login to Office365. That is ok. Complete the report by classifying what is suspicious about the message, adding optional comments, then click 'Report Email'. 

Finish the report by selecting "Close and Delete"


 

(Optional) Add the Report Message button to the main window in Webmail:

Click the Gear icon in the top right corner of the Webmail home page
Select 'View all Outlook settings​' Step 1
Choose 'Customize actions' in the middle listing Step 2
Scroll to the 'Message surface' section and add a check mark next to 'Report Message' Step 3

To Report a suspicious message in Outlook Mobile for iOS or Android

Tap the message to open it, then click on the three dots (...) to the right of the screen
Note that there may be differences on the location of those dots between versions of iOS and Android

Then press the 'Report to NSCC' button.
You might be asked to enter your NSCC credentials. It is safe to do so.

Fill out this section with any relevant details, then click 'Report Email' 

That is it. This page confirms your submission and removes the message from your inbox.