Overview
Despite the best efforts of IT administrators refining email filters, spam/phishing email attempts will sometimes get through. This article describes the steps to take if you believe you have received a spam/phishing email attempt.
Procedures
If you are unsure if it is a phishing email, always err on the side of caution and then:
- Go to the RPI Phish Bowl page at https://dotcio.rpi.edu/it-security/phish-bowl and search for the suspicious email.
- If the suspicious email is on the list, use the Report phishing button in outlook which will delete the email (Review the article - Report Suspicious Message to Microsoft from Outlook)
- If the suspicious email is not on the list, and you believe it is a phish, use the Report phishing button in outlook which will delete the email. (Review the article - Report Suspicious Message to Microsoft from Outlook)
- If you have received a suspicious email particularly requesting you to click on links, provide personal identifying, financial or account login information DO NOT click on anything or respond.
- Please review the article Report Suspicious Message to Microsoft from Outlook, and report the message through the Outlook Desktop Application, or Outlook Web Application.
- If you clicked on any links, attachments, and feel you compromised your RCS account please follow the steps in this article: Steps to follow if you feel your RCS/Email Account has been compromised
- Please note: From our Information Security team, please report any messages that are potentially spam, phishing, junk, or suspicious through Microsoft Exchange Online Protection (EOP).
- If you have any other questions or concerns, please submit a support request, and we would be happy to assist further.
References/Links
How do you know if you received a Phishing or Spoofing Email?
Reporting Suspicious Messages to Microsoft
Last Reviewed: 23-Jan-2026
Comments
0 comments
Article is closed for comments.