Email Phishing and How to Report It

A Guide to Understanding and Reporting an Email Phishing Attempt

Phishing is the fraudulent process of attempting to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Phishing schemes can be used by attackers for a variety of things. Here at NAU, attacks designed to gather user ids and passwords of accounts have been successfully used to take over email accounts and use them to send spam. Having an account stolen as a result of a successful phishing attack is very disruptive to the campus, as it usually results in all campus email being blocked by major email providers such as Hotmail and Yahoo. 

It’s particularly disruptive to the owner of the compromised account, as ITS must disable that owner's access to prevent continued abuse of the account and investigate the extent of the break-in. In order to help minimize the impact of phishing attacks, it’s important for everyone to promptly and properly report them to the appropriate authorities.

The first step is to identify the appropriate authority.

The second step is to gather the appropriate information to be reported. Whether you are reporting a phishing attack to NAU or another agency, the person receiving the report will need the original message you received and the normally hidden email headers.


Interactive Walkthrough: Reporting a Phishing Email

The following interactive video demonstrates how to report a phishing email in Outlook 2013, Outlook 2010, Outlook 2011 for Mac, Mac Mail, Iris (OWA), and NAU GMail:

  Phishing Emails Video Thumbnail


Outlook 2013 for Windows 7

To view a message’s headers in Outlook 2013 for Windows 7, first open the message in a new window. Click on the “Home” button on the navigation bar and then select “Properties” from the Tags group. The headers are found in the “Internet headers” dialog box and can be copied and pasted from here.  Select, copy, and paste the headers into the email with the forwarded phish message to phishing@nau.edu.

Outlook 2010 for Windows 7

The headers for Windows 7 Outlook 2010 can be found by selecting “Properties” from the File tab drop down menu in a new window for the Email in question. Headers are located in the “Internet headers” dialog box. Select, copy, and paste the headers into the email with the forwarded phish message to phishing@nau.edu.

Outlook 2003/2007

While looking at the list of messages in your inbox, right-click on the phishing message. There should be an entry labeled Message Options… (or simply Options… in 2003). Select this and a new window will open. At the bottom of the window will be a text box containing the full email headers. Select, copy, and paste the headers into the email with the forwarded phish message to phishing@nau.edu.

Outlook 2011 for Mac:

To view and obtain headers for Outlook 2011 Mac, right click on message from the inbox and select “view source” from the drop down menu. This will bring up the corresponding headers in a separate window as a text file. Highlight the headers and copy them to be pasted in to the email before forwarding it. Select, copy, and paste the headers into the email with the forwarded phish message to phishing@nau.edu.

Entourage

View the message. Then go to the Message -> Internet Headers menu item. This will display all the headers. Select and copy the headers. Click your mouse in the forwarded message where you want to insert the headers and paste them in. The shortcut key to accomplish this is Command-Shift-H. Select, copy, and paste the headers into the email with the forwarded phish message to phishing@nau.edu.

Mac Mail

View the message, then go to the View -> Message -> Long Headers menu item. The headers will be exposed in the email. Click anywhere in the headers, and select and copy them. Click your mouse in the forwarded message where you want to insert the headers and paste them in. Repeat the View -> Message -> Long Headers action to turn off showing full headers. The shortcut key to turn on and off exposure of headers is Command-Shift-H.  Select, copy, and paste the headers into the email with the forwarded phish message to phishing@nau.edu.

Office Web Access (OWA)

Bring up OWA in Internet Explorer so that you get the full OWA version. Double-click on the message in the inbox so the message opens in its own window. At the top of the window will be several icons. One of them is the Message Details icon. It is a picture of an open envelope with a sheet of paper superimposed over the right side of the envelope. It’s just to the left of the Printer icon. Click the Message Details icon, and a new window will open. At the bottom of the window will be a text box containing the headers. Select, copy, and paste the headers into the email with the forwarded phish message to phishing@nau.edu.

NAU GMail

To access headers in GMail, open the message from the inbox. In the top right corner click on the arrow to open the drop down menu and select “Show Original” from the options. This will open a separate page with the headers shown at the top. Select, copy, and paste the headers into the email with the forwarded phish message to phishing@nau.edu.

top

Related Services

Available to studentsAvailable to facultyAvailable to staff

Security for your computers and information, including SSL certificates.

top

Training & Documentation


Learn how to stay secure on Facebook.


top