How to Submit a Phishing Message to IT Support

  • You can help safeguard IUP’s email environment against phishing attempts by forwarding the phishing message as an attachment to abuse@iup.edu.

    What is done when you forward the phishing attempt message:

    IT Security will verify the message is a username/password phishing message. Depending on the type of phishing attempt, IT Security will either block replies to the phisher’s email address or block access to the link in the phish message from the IUP network, and potentially block the system/network that sent the message.

    Here's how to forward the message to abuse@iup.edu:

    1. Include the message in an email attachment: Forward all spear phishing messages as attachments. This gives IT Security personnel the information needed to block others from replying to the specific phishing attempts.
      • Microsoft Outlook on Windows: Open a message by double-clicking it. Within the Message window, in the Respond group, click More to get the option of forwarding/sending as an attachment.
      • Microsoft Outlook on Mac: Click the Home tab and select Message. Click the Attachment button from within the ribbon bar to forward the message as an attachment.
      • Outlook Web App: Log into Outlook in a web browser. Click New message. Click the pop-out icon near top right-corner of the message window. This opens the message in its own window. Organize your windows so you can drag the desired message to the New Message window. The message will be included as an attachment. Add any relevant information and press Send. Note: If you are currently in Conversation view, all the messages within the conversation will be attached. If you only want a specific message to be attached, change your view to Messages before attaching.
      • Mozilla Thunderbird: Open the message you want to forward and select Message > Forward As > Attachment from the menu
      • Mac Mail App: Select the message, then choose Message > Forward as Attachment
      • Windows Mail: Right-mouse-click on the original spear phishing message in the message list pane and select Forward As Attachment
    2. Send the spear phishing email: To abuse@iup.edu.

    Do you help to manage an IT system at IUP?

    Security resources, procedures, and best practices are available for IUP system administrators.