Reporting phishing emails

Use the phishing reporting tool in Outlook and DavisMail to protect yourself and campus

Most of us know what a phishing email looks like—misspellings, generic introduction, offers too good to be true, etc. Often these come from external senders and are addressed to many recipients. You recognize the signs, but others might not, and may fall victim to the scam.

After you’ve determined that an email is a scam attempt, don’t just delete it. Instead, take a moment to use the reporting feature right from within Outlook and DavisMail (Gmail). Reporting helps the UC Davis Information Security Office (ISO) classify and flag phishing messages, protecting other recipients from harm. This Knowledge Base article has details on how to use the reporting feature.

Despite the reporting features and your vigilance, sometimes a well-timed phishing email can slip through the cracks. If you inadvertently responded to a phishing scam and were tricked into sending your passphrase, change it as quickly as possible and read this Knowledge Base article on what to do next.

If you need additional assistance investigating a phishing email, forward the suspect message to

For more cybersecurity best practices, read “Top 9 Cybersecurity Habits to Adopt Today” in the UC Davis Knowledge Base.