E-mail Protection Guides - Microsoft ATP - how to report a suspected phishing email

You can report junk or suspicious messages to Microsoft for analysis.


If you are using Microsoft Outlook 2016 or newer, and are using Exchange Online (part of Microsoft 365) then you should be able to use the ""Report Message" button, if you have the Report Message Add-in.  If you are using Outlook 2016 or newer, and Exchange Online, but don't have the "Report Message" button, you can download the add-in from https://appsource.microsoft.com/en-us/product/office/wa104381180?tab=overview  .  (If you're a Cambridge Networks customer, and unsure if you should do this, please contact our support service desk.)

If you cannot install the Report Message Addin, you can submit a message manually to Microsoft for analysis as follows:

Submit Junk or Phishing e-mails to Microsoft


If you receive a message that passed through spam filtering that should have been identified as spam or phishing, you can submit the message to the Microsoft Spam Analysis and Microsoft Phishing Analysis teams as appropriate. The analysts will review the message and add it to the service-wide filters if it meets the classification criteria.

  1. Create a new, blank email message with the one of the following recipients:

  2. Drag and drop the junk or phishing message into the new message. This will save the junk or phishing message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers).

Note

  • You can attach multiple messages in the new message. Make sure that all the messages are the same type: either phishing messages or junk email messages.

  • Leave the body of the new message empty.

  • Use either .msg (default Outlook format) or .eml (default Outlook on the Web format) formats for the attached messages

 

When you're finished, click Send.


Submit false positives to Microsoft

If a message was incorrectly identified as spam, you can submit the message to the Microsoft Spam Analysis Team. The analysts will evaluate the message, and (depending on the results of the analysis) the service-wide filters can be adjusted to allow the message through.
1.    Create a new, blank email message with not_junk@office365.microsoft.com as the recipient:
2.    Drag and drop the misidentified message into the new message. This will save the misidentified message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers).
Note
•    You can attach multiple messages in the new message. Make sure that all the messages are the same type: either phishing messages or junk email messages.
•    Leave the body of the new message empty.
•    Use either .msg (default Outlook format) or .eml (default Outlook on the Web format) formats for the attached messages.

3.    When you're finished, click Send.

Learn more about how Junk and Phishing e-mails are detected and managed

Read our guide here to understand more about Junk and Phishing e-mails