How to Report a Phishing Email in Outlook.com

A little caution goes a long way when viewing suspicious emails

Microsoft makes it easy to report phishing in Outlook. You should always let Microsoft know when you receive a message that tries to trick readers into revealing personal details, usernames, passwords, and other sensitive information when using Outlook.com.

Instructions in this article apply to Outlook.com.

How to Report Phishing in Outlook.com

To report to suspicious emails to Microsoft when using Outlook.com:

  1. Select the phishing email you want to report.

    A potential phishing email is highlighted in Outlook.com inbox
  2. Select Junk in the Outlook toolbar and choose Phishing in the drop-down menu.

    Selecting Phishing from the Junk email menu in Outlook.com
  3. Select Report to send Microsoft a phishing email notice. The email will be moved to your Junk Email folder.

    Confirmation of reporting a phishing email

Marking a message as phishing doesn't prevent additional emails from that sender. To do that, add the email to your Outlook blocked senders list

Why Report Phishing in Outlook?

A phishing scam is an email that looks legitimate but is actually an attempt to get personal information such as your account number, username, PIN code, or password. If you supply this information, hackers may gain access to your bank account, credit card, or information stored on a website. When you see one of these threats, don't click anything in the email. Instead, you should report it so that the Microsoft team will take action to protect you and other users.

You can enable phishing protection in Outlook 2019 and other desktop versions to automatically catch scam emails. It's also possible to report emails as spam in Outlook.

How to Protect Yourself From Phishing Scams

Reputable businesses, banks, websites, and other entities won't ask you to submit personal information online. If you receive such a request, and you aren't sure if it is legitimate, contact the sender by phone to see if the company sent the email.

Some phishing attempts are amateurish and filled with broken grammar and misspellings, so they are easy to spot. However, some contain identical copies of familiar websites such as your bank's to lull you into complying with the request for information.

Common sense safety steps include:

  • Don't reply to an email that asks for personal information.
  • Don't open or download files attached to suspicious emails.
  • Don't click any links that appear in the email.
  • Search the web for the email subject line. If it is a hoax, other people may have reported it.

Be particularly suspicious of emails with subject lines and content that include:

  • A request to verify your account immediately or the sender will close it
  • An offer of a large sum of money in exchange for your account information
  • An announcement that you're the big winner in a lottery you don't remember entering
  • A request for emergency financial help from a friend who is supposedly on vacation
  • A threat of bad luck if you don't reply
  • A notification that your credit card has been hacked
  • A request to forward the email to receive $500