How To Report Phishing

How to Report Phishing: Where to Send Scam Emails

by

How to Report phishing: Where to Send Scam Emails

Introduction

Phishing attacks are becoming increasingly sophisticated, with cybercriminals crafting convincing fake emails that can fool even cautious users. When you receive a suspicious email, knowing how to properly report it is crucial for protecting yourself and helping authorities track down scammers.

What you’ll accomplish: By following this guide, you’ll learn the exact steps to report phishing emails to the appropriate authorities, email providers, and organizations. You’ll also understand how to document these attempts properly and protect yourself from future attacks.

Why this matters for your security: Reporting phishing attempts serves multiple purposes. It helps law enforcement track criminal activity, enables email providers to improve their spam filters, allows targeted organizations to warn their customers, and contributes to a safer digital environment for everyone. Most importantly, proper reporting can prevent others from falling victim to the same scam.

Time required: The entire reporting process typically takes 10-15 minutes per phishing email, though gathering evidence may add a few extra minutes.

Before You Start

What You’ll Need

  • The suspicious email (do not delete it yet)
  • Access to your email account’s settings
  • A computer or smartphone with internet access
  • The ability to take screenshots
  • A notepad (digital or physical) to record details

Information to Gather

Before reporting, collect the following details from the phishing email:

  • Email headers – These contain routing information and sender details
  • Sender’s email address – The “From” field (which may be spoofed)
  • Subject line – The exact text used
  • Date and time received
  • Any URLs or links – Do not click them, but copy the text
  • Attachments – Note their names and file types (do not open them)
  • Screenshots – Visual evidence of the email content

Prerequisites

  • Do not click any links in the suspicious email
  • Do not download attachments from the email
  • Do not reply to the sender
  • Keep the email in your inbox until you’ve completed reporting
  • Ensure your antivirus software is up to date

Step-by-Step Instructions

Step 1: Document the Evidence

  • Take a screenshot of the entire email, including headers if visible
  • Copy the sender’s email address exactly as it appears
  • Note the exact time and date you received the email
  • If there are links, hover over them (without clicking) and note the actual destination URLs

Tip: Many phishing emails contain subtle spelling errors or suspicious URLs that differ from legitimate company domains.

Step 2: Access Email Headers

Email headers contain crucial technical information for investigators:

For Gmail:

  • Open the suspicious email
  • Click the three dots menu in the top right
  • Select “Show original”
  • Copy the entire header information

For Outlook/Hotmail:

  • Right-click the email
  • Select “View source” or “Message details”
  • Copy the header information

For Apple Mail:

  • Select the email
  • Go to View > Message > All Headers
  • Copy the displayed information

Step 3: Report to Your Email Provider

Most major email providers have dedicated phishing reporting systems:

Gmail Users:

  • Select the phishing email
  • Click “Report spam” or use the spam button
  • For additional reporting, forward the email to phishing@gmail.com

Outlook/Hotmail Users:

  • Select the suspicious email
  • Click “Report” in the toolbar
  • Choose “Phishing”
  • Alternatively, forward to abuse@outlook.com

Yahoo Users:

  • Select the email
  • Click the “Spam” button
  • Forward suspicious emails to spam@uce.gov

Step 4: Report to Anti-Phishing Organizations

Report to the Anti-Phishing Working Group (APWG):

  • Forward the phishing email to reportphishing@apwg.org
  • Include “Phishing Report” in the subject line
  • Add any additional context in the email body

Report to the FBI’s Internet Crime Complaint Center (IC3):

  • Visit ic3.gov
  • Click “File a Complaint”
  • Complete the online form with all gathered information
  • Include financial losses if applicable

Step 5: Report to the Federal Trade Commission

  • Visit reportfraud.ftc.gov
  • Select “Other” then “Internet Services”
  • Provide detailed information about the phishing attempt
  • Forward the original email to spam@uce.gov

Step 6: Report to the Targeted Organization

If the phishing email impersonates a specific company:

  • Visit the legitimate company’s official website
  • Look for their security or abuse reporting contact
  • Forward the phishing email to their security team
  • Common addresses include: abuse@[company].com, security@[company].com, or phishing@[company].com

Warning: Always verify the reporting email address through the official website, not through information in the suspicious email.

Step 7: Report to Additional Authorities (If Applicable)

For Financial Phishing:

  • Report to your bank immediately
  • Contact credit card companies if cards are involved
  • Consider filing a police report for significant financial losses

For Government Impersonation:

  • Report IRS phishing to phishing@irs.gov
  • Report Social Security phishing through ssa.gov
  • Report other federal agency impersonation to the respective agency

Common Issues

Problem: Can’t Find Email Headers

Solution: Each email client displays headers differently. If you can’t locate them using the steps above, search “[your email provider] view email headers” in a search engine for specific instructions.

Problem: Email Provider Doesn’t Have Clear Reporting Options

Solution: When dedicated reporting tools aren’t available, forward the suspicious email to the provider’s general abuse address. Most providers use abuse@[domain].com or security@[domain].com.

Problem: Unsure If Email Is Actually Phishing

Solution: When in doubt, report it anyway. It’s better to over-report than to let a genuine threat go unreported. Look for these red flags:

  • Urgent language or threats
  • Requests for personal information
  • Generic greetings (“Dear Customer”)
  • Misspelled URLs or company names
  • Unexpected attachments

Problem: Already Clicked Links or Downloaded Attachments

Solution:

  • Immediately disconnect from How to Remove
  • Run a full antivirus scan
  • Change passwords for any accounts that might be compromised
  • Monitor financial accounts closely
  • Still report the phishing attempt, noting what actions you took

When to Seek Additional Help

Contact IdentityProtector.com or similar identity protection services if:

  • You’ve provided personal information to scammers
  • You notice unauthorized activity on your accounts
  • You need help monitoring your credit reports
  • You want ongoing protection against identity theft

Verification

How to Confirm Success

Most reporting systems will provide confirmation:

  • Email providers often send automatic confirmation emails
  • Government agencies may provide case numbers or reference numbers
  • Companies might send acknowledgment emails about the reported phishing

What to Check

  • Look for confirmation emails in your inbox within 24-48 hours
  • Save any reference numbers provided
  • Note any follow-up instructions from reporting agencies

Expected Outcomes

  • Improved spam filtering for your email account
  • Potential takedown of phishing websites
  • Contribution to law enforcement investigations
  • Protection of other potential victims

Remember that individual reports are part of larger investigations, so you may not see immediate visible results.

Related Actions

Other Protective Measures to Consider

  • Enable two-factor authentication on all important accounts
  • Update your email security settings to filter suspicious messages
  • Install reputable antivirus software with email scanning capabilities
  • Educate family members about phishing recognition
  • Regular password updates for sensitive accounts

Complementary Steps

  • Sign up for fraud alerts with credit bureaus
  • Monitor bank and credit card statements regularly
  • Use identity monitoring services for ongoing protection
  • Keep software and browsers updated
  • Be cautious about sharing personal information online

Ongoing Maintenance

  • Review and report new phishing attempts as they arrive
  • Stay informed about current phishing trends
  • Regularly check that your reporting contact information is current
  • Update your security software and email filters periodically

FAQ

1. Should I report phishing emails that go directly to my spam folder?

Yes, you should still report obvious phishing emails even if they’re automatically filtered. This helps improve spam detection systems and contributes to broader cybercrime investigations. However, you can prioritize reporting emails that made it to your inbox, as these represent gaps in current filtering systems.

2. How long does it take for authorities to respond to phishing reports?

Response times vary significantly. Email providers may send automatic confirmations within minutes, while government agencies might take several days to weeks. Many reports contribute to ongoing investigations rather than generating individual responses. Don’t expect immediate action on every report, but know that your contribution is valuable.

3. What happens if I accidentally click a link in a phishing email?

Don’t panic. Immediately close the browser tab, run a security scan on your device, and change passwords for any accounts that might be at risk. Monitor your accounts for unusual activity and consider using identity monitoring services. Still report the phishing attempt, noting that you clicked the link.

4. Can I get in trouble for reporting a legitimate email as phishing by mistake?

No, there are no penalties for reporting suspicious emails in good faith. Authorities and companies prefer over-reporting to under-reporting. False positives are part of the process and help refine detection systems.

5. Do I need to report the same phishing campaign multiple times if I receive similar emails?

Generally, report each unique phishing email you receive, even if they appear similar. Different emails may contain slightly different information that’s valuable to investigators. However, if you receive dozens of identical emails, you can report a representative sample rather than every single instance.

Conclusion

Taking the time to properly report phishing attempts is one of the most effective ways to protect yourself and contribute to cybersecurity efforts. By following these steps, you’re not only safeguarding your own identity but helping create a safer digital environment for everyone.

Remember that phishing tactics constantly evolve, making ongoing vigilance essential. While reporting suspicious emails is crucial, it’s just one part of a comprehensive identity protection strategy.

Ready to take control of your identity security? IdentityProtector.com helps thousands of individuals and families stay protected with comprehensive monitoring, real-time alerts when your personal information appears in unexpected places, dark web scanning to detect compromised data, and expert recovery support if your identity is compromised. Our easy-to-understand guidance, combined with proactive monitoring services, gives you the peace of mind that comes from knowing your identity is actively protected 24/7. Don’t wait until it’s too late – start protecting your identity today with IdentityProtector.com.

Leave a Comment

icon 4,206 users this month
J
James
just started identity monitoring