In order for the security team to review all necessary information to identify phishing emails, emails must be submitted in specific formats. See below for instructions on how to submit a phishing email for evaluation.
Forwarding Emails and Headers from Gmail (Google Apps at USC)
- Open the suspected phishing email but be careful not to follow any links or download any attachments contained in the message.
- Click the three dots next to the reply button in the upper right-hand corner of the email window.
- From the drop-down menu that appears, click Show original. This will open a new window showing the email as a text document, with all the header information, links, and HTML markup visible.
- Highlight and copy everything in this window.
- Go back to the original message and click the Forward.
- Paste the information into the top of the message, and send the email to email@example.com.
NOTE: Gmail also has a Report phishing option, found in the same drop-down menu used above. Clicking this will alert the Gmail abuse team to the phish. Feel free to use this option in addition to forwarding the message to the ITS security team.
Forwarding Emails and Headers from the Outlook Web App (Microsoft Office 365)
- Draft a new email. Pop out this new email by clicking the image of two windows in the top right corner.
- Organize your browser windows so that you can view both your inbox and the new email window.
- Click the malicious email in your inbox and drag it to the new email window. This will include it as an attachment.
- Enter any other relavent information and send the new email to firstname.lastname@example.org.
NOTE: If you are currently in Conversation view, all the messages within the conversation will be attached. If you only want a specific message to be attached, change your view to Messages then attach.
Forwarding Emails from the Outlook Desktop Client (Windows and Mac)
- Open a new email in your inbox.
- Click the phishing email and drag it into the body of the new email.
- Compose your message with any relevant details and send it to email@example.com.
- Select the malicious email in your inbox.
- In the navigation pane (at the top of your client), click Forward as Attachment in the Respond/Forward group on the Home tab.
- Compose the forwarding message and send it to firstname.lastname@example.org.