How to Report Phishing Emails

Once your Manager has set up the Phish Reporter Service in your environment (Microsoft 365 or Google Workspace), you’ll be able to report suspicious emails quickly and safely.

Overview: Reporting Options

❓ Unsure Which Method to Use?

If you are unsure of which method to use to report emails, please reach out to your Admin Manager, MSP Account Manager, or Goldphish Account Manager for confirmation.

Option 1: Microsoft 365 – Using the Report Phishing Button

If your organisation uses Microsoft 365 and the Report Phishing button has been enabled, here’s how to report a suspicious email:

How to Report a Phishing Email in Outlook:

1. Open the suspicious email.
2. Tap or click the Report Phishing button (available in Outlook desktop, web, and mobile).
3. Confirm when prompted.

Where to find the Report Phishing button:

• Outlook Desktop (full program): In the main toolbar/ribbon.
• Outlook on the Web: In the sidebar or a menu within the email view.
• Outlook Mobile App: Open the email → tap the three dots (…) → choose Report Phishing.

Option 2: Google Workspace & Manual Forwarding

If you’re a Google Workspace user, please follow these steps:

How to Report a Phishing Email in Gmail

1. Open the suspicious email.
2. Manually forward the email to the designated organisational reporting address (e.g., phishreport@yourdomain.com).

General Guidelines for Reporting

Please report anything suspicious – even if you’re unsure.

By reporting suspicious emails, you help protect yourself, your colleagues, and our organisation from cybercrime.