Reporting phishing or fraudulent email

Phishing emails are deceptive attempts by scammers to trick you into revealing personal or financial information. Large organizations, such as OCU, are especially targeted by phishing campaigns.

Here are some common tactics used in phishing emails:

Storytelling: Phishing emails often tell a story to manipulate you into clicking on a link or opening an attachment. For example, they might claim suspicious activity on your account, ask you to confirm personal information, or offer a coupon for free stuff. Be cautious of unexpected emails that appear to be from trusted companies.
Generic Greetings: Scammers often use generic greetings like “Dear Customer” instead of addressing you by name. Legitimate companies usually personalize their communications.
Urgency and Threats: Phishing emails create a sense of urgency or fear. They might warn of account issues, payment problems, or threats like blackmail. Remember that reputable companies won’t pressure you through email.
Suspicious Links or Attachments: Be wary of links or attachments in emails. Hover over links to see the actual URL before clicking. If it looks suspicious, don’t open it.
Too-Good-to-Be-True Offers: Phishing emails may promise unbelievable deals or giveaways. If it sounds too good to be true, it probably is.
Spelling and Grammar Errors: Poor language quality is a red flag. Scammers often make mistakes in spelling and grammar.
Fuzzy Logos or Images: Legitimate companies use high-quality logos and images. If they appear blurry or low-quality, be cautious.

Remember, phishing emails can have real consequences, including identity theft. Protect yourself by being vigilant and verifying the authenticity of any unexpected emails. If in doubt, contact the company directly using official channels rather than clicking on links or providing sensitive information. Campus Technology Services can also be consulted if you are uncertain about an email. Simply forward the email to isitlegit@okcu.edu to seek advice. If you are confident an email is fraudulent, you do not need to forward it to isitlegit@okcu.edu. You can optionally report the message to Microsoft (see the next section), but you definitely should delete the message.

Reporting Phishing

If you identify an email as being fraudulent, do not click any links or open any attachments contained within the message. Prior to deleting the message, you can optionally report the email to Microsoft via Outlook to help with their detection and mitigation capabilities. Here is how:

Outlook Web

With the fraudulent message selected or opened, click the Report button on the ribbon bar.
Delete the message.

Outlook desktop application

With the fraudulent message selected or opened, click the Report Phishing button on the ribbon bar.

If you do not see this button on the ribbon bar, locate and click the ellipses button on the ribbon bar to find the Report Phishing button within the Protection section. If desired, you can pin the Report Phishing button to your ribbon bar by right clicking the button and choosing Pin to ribbon.
Delete the message.