Instructions for Reporting a Phishing Scam

white desk at a white wall


The UCLA Information Security Office requests that campus users report phishing messages to our team so that we can proactively alert campus users and bring awareness to widespread phishing campaigns. In order for the Information Security Office to take action in response to a reported phishing message, please refer to the following instructions for your email client.

Instructions

  • Microsoft Outlook for Windows
  • 1. Double-click and open the email. Click File then click on Save As.
    Microsoft for windows screen grab

    2. Appropriately name the message, select your save location, and then click Save.
    Microsoft outlook for Windows screen grab
     

    3. Compose a new email addressed to security@ucla.edu, and attach the saved phishing email from the location it was copied to. Use a subject line that identifies the email as a phish.

    Microsoft outlook for windows screen grab 3


    a. If you are replying to an existing open phish report, attach that saved phishing email as a reply to that message.

    Microsoft outlook for Windows screen grab
  • Microsoft Outlook for Mac
  • 1. Click one to highlight the email and Click, Hold, Drag, and Release the email to your Desktop or desired location to copy.
    Microsoft outlook for Mac screen grab

    a. Compose a new email addressed to security@ucla.edu, and attach the saved phishing email from the location it was copied to. Use a subject line that identifies the email as a phish.
    Microsoft outlook for Mac screen grab

    2. Alternatively, using the keyboard shortcut Control+⌘ (Command) +J will compose a new message with the original email attached. 
    a. Address this email to security@ucla.edu with a subject that identifies the email as a phish.
    Microsoft outlook for Mac screen grab
  • Gmail
  • 1. When viewing the message you wish to report, click on the drop-down arrow next to the reply button.
    2. Click on Show Original, and a new tab on your browser will open.
     
    Microsoft outlook for Gmail screen grab


    3. On the new tab, click Download Original.
    a. Compose a new email addressed to security@ucla.edu, and attach the saved phishing email from the location it was copied to. Use a subject line that identifies the email as a phish.
    1. Microsoft outlook for gmail screen grab


Send the resulting message and attachment to security@ucla.edu with a subject line identifying the message as a phishing report.

The Phish Bowl

In the The Phish Bowl, you can check for recent fraudulent email examples. If you receive a suspicious email or are unsure about an email, check the Phish Bowl for a record of the most recent scams and phishing attempts.