How to Report Bad - Malicious Email

This article explains how to report a bad or malicious email for the Email Guardian team to analyze. 

Please do not forward a malicious email to [email protected] as this does not allow the email to be processed securely.

You can use either of these options: 

• Click the RED "Report Phish" button within your email client
• Forward the email to 911@[Yourdomain] to be processed. 

Please review the steps below

Office 365: 

Mobile device: 

The video below demonstrates how to use the Report as Phishing button and informs users about the banners that will appear on their suspicious-looking emails.

Reporting Options

We display a confirmation pop-up when an email is being reported and allow end-users to choose their reporting reason (Office 365 and Google Workspace customers only).

The end-user will have the option to choose why he is reporting the email as suspicious. If the user clicks Report without submitting a reason, the email will be reported. The following are the default options.

Don’t know this sender

Received a warning message

Impersonation attempt

Odd content

Pushing for sensitive information

Other: will open a free text box for the user to add his comment

The reported reason will be added to the report incident details:

Impersonation Protection Display

First Time Sender

This banner will appear when the recipients get an email from the sender that was in correspondence with them

Google Workspace: External and internal email addresses will be flagged

Office 365: Internal senders will not be flagged with the first-time sender banner Reference365

Can I report an email on behalf of an employee who forwarded it to me? OR there’s no Report Phishing Button?

Yes, an IRONSCALES system user can report a forwarded email using the 911 mailbox. This will open an incident in the Incidents tab on behalf of the first forwarder in the chain.

Forward the email to 911@[Yourdomain] to be processed.