Articles in this section

Reporting Suspicious Emails (Phishing or Spam)

Introduction

The Hoxhunt button can be used for two use cases:

1. Reporting Hoxhunt training emails, read more: Reporting Hoxhunt Training Emails or Simulations

2. Reporting suspicious emails, that were not sent by Hoxhunt

This article will walk you through what happens when you report a suspicious email, separately for Outlook and Gmail.

Reporting suspicious emails in Outlook

Reporting suspicious emails in Gmail

Reporting suspicious emails in Outlook

When you receive a suspicious email and you think it might be either phishing or spam, report it with the Hoxhunt button. You can read more about the difference between phishing and spam here: Phishing v Spam - What is the difference?

You can report emails from:

  • Your personal mailbox
  • Share mailboxes. If you report an email from a shared mailbox, you need to be logged in with the shared mailbox account. Otherwise you will not be able to report the email from a shared mailbox. Read more here: FEATURE: Reporting from Shared Mailbox
    • If you cannot log in with the shared mailbox account, please follow your company's guidelines for reporting phishing emails. 

Step 1: Locate and click on the Hoxhunt button

Locate the Hoxhunt button in your email inbox and click on the Hoxhunt button.

Outlook_button_locations.png

You can read more about locating the Hoxhunt button in Outlook here: Locating Hoxhunt in Outlook

If you have trouble finding the Hoxhunt button check out: Troubleshooting missing Hoxhunt button

Step 2: Choose "Report as phishing" or "Report as spam"

A panel will open where you can choose if you would like to report the email as phishing or spam. We will first walk you through what happens when you report the email as phishing.

Read more about reporting as spam below at: Step 3.B: Choose "Report as spam"

Hoxhunt_reporting_options.png

Step 3.A: Report as phishing and potential additional features

What happens after you click "Report as phishing" will depend on what features your organization admin has enabled for you. The features can be enabled one by one, or all at once, depending on your organizations preference. Click the Hoxhunt button to see what is available for you!

We have outlined the options below:

Option 1: Report as phishing

When no additional settings are enabled (see below) you can simply choose to "Report as phishing". Then the email will be shared with your cybersecurity team for analysis. The faster you report phishing attacks to your security team, the safer you make it for others!

Report_as_phishing.gif

Option 2: Report as phishing and indicate if you acted on the email

When you organization has enabled the User Acted feature, you are able to indicate in your reported email if took any action on the email such as:

  • I replied to the email
  • I downloaded a file
  • I opened an attachment
  • I visited a link
  • I entered my password
  • I forwarded the email

If you did not take any action on the email, you can simply choose Report as Phishing and leave the "Already clicked something" empty. The faster you report phishing attacks you may have interacted with to your security team, the safer you make it for others and yourself!

Report_as_phishing_-_user_acted.gif

The email is then shared with your cybersecurity team for analysis and in the case you report that you took action, they can prioritize following up with you to take any action appropriate. 

Option 3: Request Instant Feedback

If your organization has enabled the Instant Feedback feature you can request Instant Feedback when you report the email. You can read more about Instant Feedback here: Identify malicious emails with Instant Feedback

Reporting_real_threat_-_Instant_Feedback_enabled.gif

Step 3.B: Choose "Report as spam"

If you have identified that email is spam, you can also report is as spam by selecting "Report as spam". When you do so:

1. The email will be moved to the Junk folder

2. The individual sender will be blocked from sending you more emails

Hoxhunt_reporting_options.png

Unblocking a blocked sender in Outlook

If you block a safe sender, you can unblock the address through your junk email settings.

If you no longer want to block a sender, you can unblock them as outlined here:

Block senders or unblock senders in Outlook on the web 

Reporting suspicious emails in Gmail

When you receive a suspicious email and you think it might be either phishing or spam, report it with the Hoxhunt button. You can read more about the difference between phishing and spam here: Phishing v Spam - What is the difference?

You can report emails from your personal mailbox.

Please note that Gmail does not allow you to report suspicious emails in shared or delegate inboxes with the Hoxhunt button. 

Step 1: Locate and click on the Hoxhunt button

Locate the Hoxhunt button in your email inbox and click on the Hoxhunt button.

Gmail_button_location.png

You can read more about locating the Hoxhunt button in Gmail here: Locating Hoxhunt in Gmail

If you have trouble finding the Hoxhunt button check out: Troubleshooting missing Hoxhunt button

What happens next will depend on which Hoxhunt button your organization has enabled for you. Hoxhunt has three button options in use:

1. Hoxhunt Private Gmail Add-on: Used by the majority of our customers who have started with Hoxhunt before 2022

2. Hoxhunt Workspace Add-on: Being rolled out to all customers during 2022 and will become the most commonly used add-on

 

Step 2.A: Report as phishing (Private Gmail Add-on)

Option 1: Report as phishing

When your organization has enabled the Hoxhunt Private Gmail Add-on, you can choose to Report the email. Then the email will be shared with your cybersecurity team for analysis. The faster you report phishing attacks to your security team, the safer you make it for others!

Gmail_-_Report_as_phishing.png

Option 2: Report as phishing and indicate if you acted on the email

When you organization has enabled the User Acted feature, you are able to indicate in your reported email if took any action on the email after you choose Repot such as:

  • I replied to the email
  • I downloaded a file
  • I opened an attachment
  • I visited a link
  • I entered my password
  • I forwarded the email

Then simply choose Ok to report the email and how you interacted with it.

If you did not take any action on the email, you can simply choose Report and leave the "Already clicked something" empty. The faster you report phishing attacks you may have interacted with to your security team, the safer you make it for others and yourself!

Gmail_-_Private_Gmail_-_Report_real_threat_-_User_acted.gif

Option 3: Report as spam

This option is not available for the Hoxhunt Private Gmail Add-on.

Step 2.B: Choose "Report as phishing" or "Report as spam" (Hoxhunt Workspace Add-on)

What happens after you click "Report as phishing" will depend on what features your organization admin has enabled for you. The features can be enabled one by one, or all at once, depending on your organizations preference. Click the Hoxhunt button to see what is available for you!

Gmail_-_Workspace_Add-on_-_Reporting_options.png

We have outlined the options below:

Option 1: Report as phishing

When no additional settings are enabled (see below) you can simply choose to "Report as phishing". Then the email will be shared with your cybersecurity team for analysis. The faster you report phishing attacks to your security team, the safer you make it for others!

Option 2: Report as phishing and indicate if you acted on the email

When you organization has enabled the User Acted feature, you are able to indicate in your reported email if took any action on the email after you choose Report such as:

  • I replied to the email
  • I downloaded a file
  • I opened an attachment
  • I visited a link
  • I entered my password
  • I forwarded the email

Then simply choose Report as phishing to report the email and how you interacted with it.

If you did not take any action on the email, you can simply choose Report as phishing and leave the "Already clicked something" empty. The faster you report phishing attacks you may have interacted with to your security team, the safer you make it for others and yourself!

Google_Workspace_Add-on_-__Report_Real_Threat_with_Response_Product_Enabled.gif

Option 3: Request Instant Feedback

If your organization has enabled the Instant Feedback feature you can request Instant Feedback when you report the email. You can read more about Instant Feedback here: Identify malicious emails with Instant Feedback

Google_Workspace_add_on_-_Instant_Feedback.gif

Step 3: Choose "Report as spam"

If you have identified that email is spam, you can also report is as spam by selecting "Report as spam". When you do so the email will be moved to the Spam folder.

Gmail_-_Workspace_Add-on_-_Reporting_options.png

Questions?

If you have any questions about reporting suspicious emails, please don't hesitate to reach out to our support team at support@hoxhunt.com 

Was this article helpful?
348 out of 374 found this helpful
Return to top

Related articles