How to Report a Phishing Email in Outlook.com

A little caution goes a long way when viewing suspicious emails

Bank Card on a hook
Peter Dazeley/Getty Images
PRODUCT DISCLOSURE $

A phishing scam is an email that looks legitimate but is an attempt to get personal information such as your account number, username, PIN code, or password. If you supply this information, hackers may gain access to your bank account, credit card, or information stored on a website. When you see one of these threats, don't click anything in the email. In Outlook.com, report phishing emails and have the Outlook.com team take action to protect you and other users.

Instructions in this article apply to Outlook.com and Outlook Online.

Report a Phishing Email in Outlook.com

To report to Microsoft that you received an Outlook.com message that tries to trick readers into revealing personal details, usernames, passwords, and other sensitive information:

  1. Select the phishing email you want to report.

    A potential phishing email is highlighted in Outlook.com inbox.
  2. Go to the Outlook toolbar and select the Junk dropdown arrow.

  3. Select Phishing.

    Selecting Phishing from the Junk email menu in Outlook.com.
  4. You'll receive an acknowledgment. Select Report to send Microsoft a phishing email notice. Or select Don't report if you don't want to inform Microsoft.

    Confirmation of reporting a phishing email.
  5. The email is moved to the Junk Email folder.

Marking a message as phishing doesn't prevent additional emails from that sender. To prevent future emails from the sender, add the sender to your blocked senders list

How to Protect Yourself From Phishing Scams

Reputable businesses, banks, websites, and other entities won't ask you to submit personal information online. If you receive such a request, and you aren't sure if it is legitimate, contact the sender by phone to see if the company sent the email.

Some phishing attempts are amateurish and filled with broken grammar and misspellings, so they are easy to spot. However, some contain identical copies of familiar websites such as your bank's to lull you into complying with the request for information.

Common sense safety steps include:

  • Don't reply to an email that asks for personal information.
  • Don't open or download files attached to suspicious emails.
  • Don't click any links that appear in the email.
  • Search the web for the email subject line. If it is a hoax, other people may have reported it.

Be particularly suspicious of emails with subject lines and content that include:

  • A request to verify your account immediately or the sender will close it.
  • An offer of a large sum of money in exchange for your account information.
  • An announcement that you're the big winner in a lottery you don't remember entering.
  • A request for emergency financial help from a friend who is supposedly on vacation.
  • A threat of bad luck if you don't reply.
  • A notification that your credit card has been hacked.
  • A request to forward the email to receive $500.

Abuse Is Not the Same As Phishing

As damaging and risky as falling for a phishing email is, it isn't the same as abuse. If someone you know is harassing you or if you are being threatened via email, call your local law enforcement agency immediately. 

If someone sends you child pornography or child exploitation images, impersonates you, or attempts to involve you in any other illegal activity, forward the entire email as an attachment to abuse@outlook.com. Include information on how many times you've received messages from the sender and your relationship (if any).

Microsoft maintains a Safety and Security website with lots of information about protecting your privacy online. It is filled with information on how to protect your reputation and your money on the internet, along with advice on using caution when forming online relationships.