University of Southampton


Reporting Phishing or SPAM messages

More like this

This article gives you information about phishing emails, spam messages, and how to report them.

Phishing emails

Know more about Phishing emails

Some emails are sent to try to trick you into revealing passwords, or other information about yourself such as bank details. We call this process Phishing.

Phishing emails often contain links to websites that are infected with malicious software (called “malware”). Hackers use them to gather sensitive information such as passwords.  

Malware such as computer viruses can also be used to:

  • get hold of your personal information so that they can use your identity
  • get your credit card details
  • disrupt computer operation
  • gain access to private computer systems.

Email or instant messaging, purporting to be from popular social networking websites, auction sites, online payment sites or IT administrators are commonly used.

The University will never need your password, so you should not give it to anyone even if they ask.

If necessary, the university can ask you to take action on your password by doing a rest or making changes. This request will be announced in advance on:

  • the University website

How to identify phishing emails

Phishing emails may feature some of the following warning signs:

  • You do not know the sender or the address is not official 
  • Contains generic greetings or no greetings at all
  • Contains misspellings, replacing letters with numbers or other techniques designed to fool spam filters
  • Makes an offer that seems too good to be true
  • The subject line and contents do not match
  • Contains an urgent offer end date (for example “Buy now and get 50% off”)
  • Contains a request to forward an email to multiple people and may offer money for doing so
  • Contains a virus warning
  • Contains attachments like PDF files or Word documents.
  • Contains misreading URL hyperlinks
  • Requests for personal information over email

Example of a fake email with clarification. Content listed above the picture

Effects related to clicking on a link in a Phishing email

If you click on a link in a phishing email, you may be taken to a fake website. It will try to get you to input personal information such as:

  • Your username and password
  • Your email account
  • Your date of birth
  • Other personal data.

This information could be used to commit theft and fraud using your identity.

What to do if you receive a Phishing email

If you have received a phishing or scam emails, please:

  • Do not react straight away
  • Take time to read the email
  • Do not click on links (URLs)
  • Do not reply
  • Report this emails 

Security concerns

If you have responded to the message in any way, or clicked on links in it, you should change your University account password as quickly as possible using Subscribe.

Use the following form if you want to notify Information Security about a security concern that may affect University systems: Security concerns.

Information Security will use this information to carry out any necessary risk assessments, and to assist with any remediation, if applicable.


Back to the top


Spam emails or messages

Spam is digital junk mail and unsolicited communications sent in bulk through an electronic messaging system.

Spam messages are:

  • Unrequested
  • Disruptive
  • Usually promotional
  • Designed to flood as many inboxes as possible. 

Often spam is sent via email, but it can also be distributed via:

  • Emails
  • SMS
  • Phone calls
  • Social media.


Back to the top


How to report phishing or spam emails

When you receive an email message that is malicious or not genuine, it is important to report it. Reporting these messages allows Microsoft to review the message and improve its filtering to prevent them from getting through in the future.

iSolutions will also receive a copy of the messages for our own independent review.

Reporting a message using Outlook for the web

1. As soon as you open a suspect email on Outlook, please select the "More actions" button (three dots in a row)

More action button

2. The list of available options will appear. Please select the option "Report Message"


3. A new menu will appear. You can use it to report a message as junk or phishing: please select the option "Report phishing"


4. Our Cyber Security team will receive your report and investigate


Reporting a message using the Outlook desktop app for Windows

1. As soon as you open a suspect email on Outlook, go to the ribbon and select the icon “Report Message""

Report message icon

2. The list of available options will appear. Please select the option "Phishing"


3. Our Cyber Security team will receive your report and investigate


Reporting a message using Outlook for macOS

1. As soon as you open a suspect email on Outlook, please select the button "Report Message" from the ribbon. You can find it close to the button "Sync" or by selecting the "..." button (called "See more items")

Drop-down menu appearing when you select the "See more items" button

2. From the drop-down menu, please select the option "Phishing":


3. Outlook will notify that the message has been marked as phishing and will be moved to the Deleted Items folder

4. Our Cyber Security team will receive your report and investigate


Reporting a spam SMS

If the text message is from an unknown sender, or from a sender you are not familiar with, we recommend you do not reply.

Responding to the text will confirm that your number is active and might actually result in you receiving more messages, or even voice calls.

Instead, you may report the text to your network operator. To report a spam text forward the text to 7726. You may get an automated response thanking you for the report and giving you further instructions if needed.

You will not be charged for sending texts to 7726.

An easy way to remember ‘7726' is that they are the numbers on your telephone keypad that spell out the word ‘SPAM'.


Back to the top


Related content

Cyber Security

Business email compromise: dealing with targeted phishing emails

Data Loss Prevention (DLP)

Cyber Security training

Cyber Security Compliance

Microsoft Report Message add-in (external website)

Think before you click: Check your information

Attached files:

Was this article helpful?

If you have any further comments, please put them below.

Please note that feedback is anonymous - if you require a reply or assistance, please raise a ticket via ServiceLine.

Thank you for your feedback, it is much appreciated.

Tweet This Article

Back to List

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.