Despite the best efforts of IT administrators refining email filters, spam/phishing email attempts will sometimes get through. This article describes the steps to take if you believe you have received a spam/phishing email attempt.
If you are unsure if it is a phishing email, always err on the side of caution and then:
- Go to the RPI Phish Bowl page at https://dotcio.rpi.edu/it-security/phish-bowl and search for the suspicious email.
- If the suspicious email is on the list, use the Report phishing button in outlook which will delete the email (Review the article - https://itssc.rpi.edu/hc/en-us/articles/15784053174797 - Report Suspicious Message from Outlook)
- If the suspicious email is not on the list, and you believe it is a phish, use the Report phishing button in outlook which will delete the email. (Review the article - https://itssc.rpi.edu/hc/en-us/articles/15784053174797 - Report Suspicious Message from Outlook)
- If you have received a suspicious email particularly requesting you to click on links, provide personal identifying, financial or account login information DO NOT click on anything or respond.
- Change the subject line to: Potential Spam Phishing this exact subject line will trigger an action to notify our security team
- Forward the email to email@example.com
- IT will update you on the outcome of this request.
- If you feel you compromised your RCS account please follow the steps in this article: https://itssc.rpi.edu/hc/en-us/articles/360010720151-Steps-to-follow-if-you-feel-your-RCS-Email-Account-has-been-compromised
Last Reviewed: 19-Jan-2024