Microsoft can analyze dangerous emails to determine why those messages made it past your spam filters.
You receive an email that you find suspicious--potentially a phishing email--so you ignore or delete it. Another option is to report the email to Microsoft for analysis via the Outlook add-in called Report Message or a specific Microsoft address.
In addition, you can use the process to report a "false negative," meaning a spam message that should have been identified as spam but was not. You can also use it to report a "false positive," meaning a legitimate email that was incorrectly identified as spam. Microsoft analyzes such messages to improve its spam filtering technology.
SEE: Phishing attacks: A guide for IT pros (free PDF) (TechRepublic)
First, if you use Outlook, install and enable the Report Message add-in. This add-in works with your Office 365 subscription and the following versions of Outlook: Outlook on the web, Outlook 2013 SP1, Outlook 2016, Outlook 2016 for the Mac, and Outlook included with Office 365 ProPlus. You'll also need an Office 365 business account to enable add-ins.
After you installed Report Message, select an email you wish to report. Click the Report Message icon on the Home Ribbon, then select the option that best describes the message you want to report, such as Spam or Phishing. You can also report a legitimate message that was tagged as spam by selecting the Not Junk option (Figure A).
By default, a confirmation message appears. Click the Report button to send your report (Figure B).
You can turn off the confirmation message, if you wish. Click the Report Message icon, and select Options. At the Options window, check Automatically Send Reports, and then click Save (Figure C).
If you don't use Outlook, or your version isn't supported by the Report Message add-in, you can forward a phishing or spam email to Microsoft. To do this, create a blank email message in your mail programs.
- For a phishing email, address your message to email@example.com.
- For a junk email, address it to firstname.lastname@example.org.
- For a legitimate email falsely flagged as spam, address it to email@example.com.
Copy and paste the phishing or junk email as an attachment into your new message, and then send it (Figure D).
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- How an IBM social engineer hacked two CBS reporters--and then revealed the tricks behind her phishing and spoofing attacks (TechRepublic download)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- It takes work to keep your data private online. These apps can help (CNET)
- 3 ways to protect your employees' inboxes from phishing threats (TechRepublic)
- The top 11 phishing email subject lines SMBs should look out for (TechRepublic)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)