How to report Phishing messages to the Technology Help Desk

Overview: What is phishing?

Phishing is a type of social engineering scam in which cybercriminals send an email, text, phone call, or other message that appears to come from a legit source but is intended to trick recipients into surrendering login credentials, financial data, and other sensitive assets. This may include personal account passwords (banking, credit cards) or high-value organizational assets (network logins, intellectual property). 

You can see examples of phishing messages that MHC community members have received in the LITS Phish Bowl.

 

What do I do if I get a message I think is phishing?

In my MHC email inbox

Regardless of whether you see the message in the LITS Phish Bowl, the best way to report a message you think is phishing is to report the message as phishing within Gmail. 

If you use a desktop email client or mobile app, you'll need to log into your MHC Google account in a web browser to mark a message as phishing.

  1. Open the email message by navigating to your inbox on a web browser 
  2. Select the three dots menu to the right of the reply arrow in line with the sender information at the top of the message
  3. Choose Report Phishing 

screenshot of the menu option where you can report a message as phishing

When you report a message as phishing in Gmail, LITS' security software will review your report and LITS will follow up with you to inform you whether we believe the message was benign, spam, or malicious. Regardless, because you reported the message as phishing, it will be filtered out of your inbox. 

In the case where the message you report turns out to be malicious, LITS will take appropriate action to protect the MHC community. 

Even if you’re not sure if something is malicious, you can still report the message as phishing in Gmail to have it be reviewed.

Reporting messages in this way also improves filtering so that similar messages are less likely to land in your inbox next time. 

 

In my MHC email spam folder

There's no reason to engage with (or report) suspicious messages in your spam folder. 

Messages that Google automatically filters into your spam folder are sent there because Google thinks they're spammy or otherwise illegitimate (though not necessarily malicious).  Unless you find a message from a trusted sender that you've been expecting, don't engage with messages in your spam folder. 

Phishing messages that are automatically routed to your SPAM folder don't need to be reported to LITS as phishing since our processes have already worked to prevent them from hitting your inbox.

 

Via another method (e.g. text message)

  1. Don't engage with the sender.
  2. Check the Phish Bowl to see if it's already been reported to LITS.
    • If it isn't in the Phish Bowl yet, please report the message to the Technology Help Desk emailing helpdesk@mtholyoke.edu. It's useful to include screenshots.
  3. Use whatever tools are available in the system where you received the message to report the sender and delete the message. 
Print Article

Related Articles (1)

How to report spam messages in Gmail
Instructions for marking unwanted junk email as spam.

Related Services / Offerings (2)

Email support and new email group requests
Learn about MHC email powered by Google.
Phishing investigation and response
LITS is here to protect you from phishing scams. If you receive a message that seems suspicious, follow our instructions to report phishing to the Technology Help Desk for investigation and response.