The Brock Information Technology Services (ITS) team is encouraging faculty, staff and students to help protect the University’s data and systems by reporting suspicious emails.

Phishing emails can appear to be legitimate and are used by cybercriminals use to steal sensitive information or gain access to devices through malware installed when a recipient clicks on a link. These emails often include:

• Urgent or threatening language that pressure users into acting or responding.
• Requests for personal or financial information.
• Messages that are unusual, unexpected or seem too good to be true.
• Incorrect information or spelling and grammatical errors.

As well as forwarding suspicious emails to [email protected] for analysis and response, Brock students, faculty and staff can report emails through the Microsoft Outlook desktop app or the Outlook web app. Messages reported as phishing are automatically removed and forwarded to Brock ITS for analysis and response.

To report a message through the Outlook desktop app, open the Inbox, select the email and click either the Report or the Report Message dropdown on the Home ribbon. From there, click either Report Phishing or Phishing.

To report a message through the Outlook web app, open the Inbox, select the email, click either the Report dropdown on the Home ribbon and then click Report Phishing.

When Brock users report phishing emails, the ITS team is able to analyze the threat, alert others who may have received similar messages, block malicious senders and enhance security filters.

“Even when a message turns out to be legitimate, each report enhances our ability to detect and respond to potential threats,” says Sean Meloney, Intermediate Information Security Analyst. “We encourage everyone to continue reporting any messages that seem unusual. Every submission contributes to a safer, more resilient campus.”

Analyzing these reports also allows for the identification of malicious links and attack techniques, which can be shared with cybersecurity authorities or organizations to support efforts in tracking cybercriminal activity and preventing future incidents.