Where To Send Suspicious Emails

Turn Off Your Computer

Suspicious email reporting service

With the growth of high-speed Internet connections, many opt to leave their computers on and ready for action. The downside is that being always on renders computers more susceptible. Beyond firewall protection, which is designed to fend off unwanted attacks, turning the computer off effectively severs an attackers connectionbe it spyware or a botnet that employs your computers resources to reach out to other unwitting users.

Examples Of Phishing And Scam Emails

Key Items to Look for in Suspicious Emails

Below are some examples of actual phishing and scam emails received by UVA community members, in which the most common or key markers of phishing emails are indicated. Please review these carefully so you don’t become the next victim.

Example Spam/Phishing Email Message #1

  • UVA will never send a message like this. Even if you were to ask UVA to delete your account , you would be communicating with UVA through verifiable channels and probably by voice communication with a verified UVA staff member, not in an email like this.
  • Notice the tone of urgency, indicated by a 24-hour deadline, along with an implied threat, indicated by the words “your account will be lost”. A tone of urgency and an implied or veiled threat to those who do not act will generate fear, a key tactic phishers use to deceive us, and to push us to act without thinking. UVA will never threaten you in fact, no reputable institution will ever threaten you in any communication.
  • Hover over any included links before clicking them. As seen above, the hyperlink text says it will “CANCEL REQUEST IMMEDIATELY”, but when you hover over the link, you see that the actual URL takes you away fom UVA servers. Clicking this link would make your information and data available to hackers if there is no match between the apparent URL and the real URL, delete the message.
  • Example Spam/Phishing Email Message #2

    How To Report Phishing Email To Google

    If you receive a suspicious email, where the sender is asking you to disclose personal informationaddress, passwords, Social Security Number, or your phone numberyou should report that email for phishing.

    Differences Between Spam and Phishing Emails


    • Your email is often in the BCC field
    • Trying to get to you by sellingpossibly dubiousproducts and services
    • If they have a link, they usually lead to a legitimate website
    • Disguised as coming from a legitimate company
    • Targeted audience
    • Your email is in the To field
    • Trying to get your personal information
    • Contain malicious links
    • Phishing has a sense of urgency

    Google has a filter that removes phishing emails from your inbox and moves them to your spam folder, but the filter is not perfect. You can stop phishing emails by manually reporting them to Google. For now, this option is only available for your web browser, and not through the apps. Here is how you can report them:

  • Go to your Gmail account
  • Open the suspicious email
  • Recommended Reading: Can You Send An Email As A Text Message

    Check If It’s Actually Google Trying To Reach You


    • Check the email’s message headers

      Google Partners are agencies, marketing professionals and online experts who have been certified by Google to manage Google Ads accounts. To achieve Google Partner status, agencies must earn the Google Partner Badge, which signifies that the company is healthy, has happy customers, and demonstrates Google best practices. Learn more about our third party affiliations and .

    • Check where an email’s links are pointing

      Before clicking any links in the email, right-click the link and select Copy Link Address or Copy Link Location. Then paste what you copied into a text document or text field to see what that URL actually says. If the URL is taking you somewhere other than a page on “google.com,” this URL might be taking you to a non-Google webpage.

    Phone calls

    • Ask the caller to send you an email.

      Google Partners are agencies, marketing professionals and online experts who have been certified by Google to manage Google Ads accounts. To achieve Google Partner status, agencies must earn the Google Partner Badge, which signifies that the company is healthy, has happy customers, and demonstrates Google best practices. Learn more about our third party affiliations and .

    • Ask the caller to provide you with the names and clicks of your campaigns or ad groups.

      A Google representative will be able to access your account details.

    How To Identify A Phishing Email

    ITS Phishing Bulletin No. 2: Examples of Common Phishing ...

    Phishing emails:

    • May show the sender on behalf of someone, such as the University of Houston, and generally does not contain the sender’s email
    • May contain fuzzy logo symbols, which are not genuine
    • May not contain email signatures or any contact information
    • May contain bad grammar and capitalization errors
    • Generally require you to take quick action, such as verifying your account to prevent it from being deactivated

    Be particularly vigilant during holidays or during significant events since attackers heighten their activity during these times.

    You May Like: How To Delete Emails On Android Phone

    How To Identify Fraudulent Emails And Messages

    Scammers try to copy email and text messages from legitimate companies to trick you into giving them your personal information and passwords. These signs can help you identify phishing emails:

    • The senders email or phone doesnt match the name of the company that it claims to be from.
    • The email or phone they used to contact you is different from the one that you gave that company.
    • A link in a message looks right, but the URL doesnt match the companys website.2
    • The message looks significantly different from other messages that youve received from the company.
    • The message requests personal information, like a credit card number or account password.
    • The message is unsolicited and contains an attachment.

    Reporting An Incident After The Fact

    If you’re worried you might have compromised your Chase account, please contact us immediately. The sooner we know what happened, the sooner we can help you.

    • Your credit or debit card number
    • Personal information about you, such as your Social Security number or taxpayer identification number
    • Your chase.com sign-in information, including your user name and password

    For more information, please read our Identity Theft Kit .

    Also Check: How Do I Delete My Email Account

    How To: Report Spam / Malicious Email To Authorities

    Are you receiving spam emails on a frequent basis? Did you get signed up for an email newsletter you know you never signed up for? If you are noticing a trend in spam or malicious emails to your inbox or email folders, it is probably time to report emails instead of marking them as each time. When you mark email as , your mail server uses Bayesian Filtering to combat the same type of email messages from being received to other email addresses on your mail server. While reporting junk mail is still important, it will only attempt to reduce the amount of spam messages you receive. If you believe you are being targeted by a scam, individual, or phishing attack, we highly recommend reporting the email you receive to the Federal Trade Commission in the United States. The entire processes for reporting emails is straightforward and takes less than a few seconds.

    Phishing Attacks At Umass Amherst

    How to Detect Malicious Emails with IR Mailbox | Hands-on with VMRay Analyzer

    Members of the university community may have received more targeted phishing emails, asking specifically for their IT Account NetID and/or password. These fraudulent emails claim to be official university communications . Most will ask you to immediately update your personal information or face serious consequences.

    Dont be fooled! These emails do not come from UMass Amherst IT/UMass Amherst. They are fraudulent messages attempting to compromise your personal information.

    UMass Amherst IT will never ask for your IT Account password or other sensitive information via email or link.

    Note: Email spam filters will intercept some fraudulent emails, but they are not foolproof. It is critical that you learn to identify phishing scams and take the appropriate steps to protect your computer and your information.

    Visit this page for instructions on how to report a phishing attempt to UMass Amherst IT Security.

    Read Also: How To Erase All Emails On Gmail

    The Email Is Poorly Written

    You can often tell if an email is a scam if it contains poor spelling and grammar.

    Many people will tell you that such errors are part of a filtering system in which cyber criminals target only the most gullible people.

    The theory is that, if someone ignores clues about the way the message is written, theyre less likely to pick up clues during the scammers endgame.

    However, this only applies to outlandish schemes like the oft-mocked Nigerian prince scam, which you have to be incredibly naive to fall victim to.

    That, and scams like it, are manually operated: once someone takes to the bait, the scammer has to reply. As such, it benefits the crooks to make sure the pool of respondents contains only those who might believe the rest of the con.

    But this doesnt apply to phishing.

    What Should I Do If I Clicked A Link Or Provided Personal Information

    • Change your Netflix password to a new one that is strong and unique to Netflix.

    • Update your password on any websites where you use the same email and password combination.

    • Contact your financial institution if you entered any payment information, as it may have been compromised.

    • Forward the message to with the steps above.

    Don’t Miss: How To Block An Email Address In Gmail

    Phishing & Other Suspicious Emails

    Phishing refers to an email that attempts to fraudulently acquire personal information from you, such as your Apple ID, password and/or credit card information. On the surface, the email may appear to be from a legitimate company or individual, but it’s not.

    As a general rule, never send credit card information, account passwords, or extensive personal information in an email unless you verify that the recipient is who they claim to be. Many companies have policies that state they will never solicit such information from customers by email.

    If you are concerned that your Apple ID or other Apple accounts may have been compromised, please refer to Apple ID Security below.

    An Effective Method Of Attack

    Report a suspicious email

    Phishing attacks are effective because threat actors can be highly skilled at creating emails that look legitimate. These emails contain company logos or trademark information. The subject lines are relevant, and the messages are pertinent.

    Given our desire to trust , it can be easy to believe the content we read in these emails, click on embedded links, or open attachments. However, the attachments may contain malicious software, and the links may direct you to malicious websites. Even if an email comes from someone you know, you should always think twice before clicking links or opening attachments.

    Also Check: How To Create An Email

    Recognize And Avoid Phishing Messages Phony Support Calls And Other Scams

    Use these tips to avoid scams and learn what to do if you receive suspicious emails, phone calls, or other messages.

    If you receive a suspicious email that looks like it’s supposed to be from Apple, please forward it to .1

    Phishing refers to fraudulent attempts to get personal information from you, usually by email. But scammers use any means they can to trick you into sharing information or giving them money, including:

    • Fraudulent emails and other messages that look like they’re from legitimate companies, including Apple
    • Misleading pop-ups and ads that say your device has a security problem
    • Scam phone calls or voicemails that impersonate Apple Support
    • Fake promotions that offer free products and prizes
    • Unwanted Calendar invitations and subscriptions

    If you’re suspicious about an unexpected message, call, or request for personal information or money, it’s safer to presume it’s a scam and contact that company directly if you need to. If you’re concerned about a security issue with your Apple device, you can get help from Apple.

    If you believe that your Apple ID has been compromised, or if you might have entered your password or other personal info on a scam website, change your Apple ID password immediately.

    Suspicious Emails Or Calls Claiming To Be From Google Ads

    Google will never send an unsolicited message asking you to provide your password or other sensitive information by email or through a link. If you’re asked to share sensitive information, it’s probably an attempt to steal your information, also known as “phishing.” Sometimes businesses and hackers pretend to be associated with Google to try to trick people into providing more information than they should.

    Here’s what to do:

  • Until you’re sure, don’t give away any personal information or click any email links.
  • Protect your account if you think you shared information with an untrustworthy source.
  • You May Like: How To Email For A Job

    Online Marketplace Purchase Scams

    Online transactions, whether you are the buyer or the seller, require caution to make sure you avoid scams. This is particularly true if you are engaging in a person-to-person transaction, perhaps through Facebook Marketplace, Craigslist or eBay rather than purchasing through an online store.

    When you are buying items advertised online, make sure that the seller actually has possession of the goods being sold, and hasnt just copied photos someone else has posted online. If possible, view the product in-person before purchasing, but take appropriate safety precautions including meeting in a safe, well populated place and bringing a friend.

    If you must purchase an item without viewing the item in person, take additional precautions:

  • Ask for additional photos of the item to make sure the seller has the item. Ask for specific photos or for a photo of the item with a piece of paper with the current date or a specific message.
  • If possible, purchase the item through a website that offers protections to buyers and sellers, or use a payment mechanism that offers buyer protections.
  • Scammers sometimes set up their own fake escrow service, so do not rely on an escrow service suggested by the seller unless you have thoroughly researched it.
  • How To Report A Suspicious Message

    How to install the Email Submission Add-in for Email Security.cloud


  • In Outlook , select the suspicious email.
  • A prompt will appear to confirm whether you wish to report your message. Click Yes.
  • Complete! A window will appear to let you know your message was reported. Click Ok.
  • From the menu, click Report Message
  • Complete! A window will appear to let you know your message was reported. Click OK.
  • Recommended Reading: How To Get Rid Of An Email Address

    How To Protect Yourself

    Here are some best practices that will help protect you and your information:

    • Beware of messages that claim your account has been suspended
    • Be suspicious of any email containing urgent requests for personal financial information
    • Never click on a link in an email. Instead, always type the legitimate Web address of the site you want to reach directly into your Web browser.
    • Be suspicious of email messages and other electronic communications from sources you do not know or recognize
    • Use the latest versions of your operating system and applications
    • Have the latest security software updates installed. This includes patches for your OS and applications
    • Keep your anti-virus software up to date
    • Report any suspicious emails

    Popular Articles

    Related Stories

    Stay on top - Get the daily news in your inbox