Learn How To Report Phishing And Help Tackle The Menace

An average person receives around 35 to 40 emails in a day. More than 75% of these emails could be marketing emails, some of which might prove to be phishing attempts. Judging from this statistic, every person in the world must have received at least one such phishing email.

As you are now aware of how to distinguish a genuine email from a phishing email, you have identified an email as suspicious. You noticed that the email message had terrible grammar, or there were spelling errors. The email might also have had an unknown sender whose details are nowhere available on the internet. One thing is clear; the email has suspicious elements, and you are not going to open it. Now, the question that arises is: Is that enough? What else can you do when you receive such an email?

The right thing to do is reporting the occurrence to the security team in your IT department if your organization has one. Does your responsibility end with reporting the phishing attempt? For an average individual, it should. But if you are not part of any organization or you are in an SME that has no such facility, you should be aware of the proper procedure for reporting phishing emails.

Where Can You Report Scams And Phishing Attempts?

The following agencies or organizations can take the matter to its logical conclusion by investigating the case thoroughly.


  • The US Government-Authorized and Operated Website is the ideal place to look to for reporting such phishing attempts. This website provides detailed information on how to report/communicate with them and where to send a copy of your email message. It is also crucial to forward the scammer’s URL to enable them to investigate further. The website also has useful information about phishing scams and lists numerous examples that can help you to recognize a phishing email if you receive one.
  • The Anti-Phishing Working Group is another agency to whom you can report. This group is not a government-owned entity, but they do investigate such criminal attempts and take every case to its logical conclusion. Their website features a text box where you have to paste the contents of the phishing email. Remember to paste all details – header, subject, contents of the message, and also the additional links that you have received in the email.
  • You may not know it, but Google also provides an avenue for reporting such phishing emails. You can also report spoofed websites to Google to enable them to take suitable action and protect other members of the community from being affected by such attempts. Use this form to report the URL and other details to Google.
  • Federal Trade Commission (FTC) is one agency that provides an option for receiving such communication from users. They have an entire department on their website to cater to such complaints on phishing attempts, website spoofing, identity theft, and other fraudulent cases relating to phishing.
  • Unsurprisingly, the FBI also investigates such crimes by accepting complaints from citizens. However, you should have all the requisite information before filing the report. The FBI may have some questions they need to ask you. They will also probe whether you know the sender.
  • KnowBe4, the security awareness training firm, enables you to forward such email threats to the internal security team of your organization for analysis. The Phish Alert button also deletes the email from the user’s inbox to ensure that it does not come again.
phishing prevention
protection from phishing

What Is The Need To Report Phishing Activities?

Every citizen must report any wrongdoing if he/she notices the same. It can help IT security service providers to improve their systems. In the world of cybersecurity, a lot depends on knowing your adversary’s moves and strategies. Hackers are intelligent people who endeavor to be one step ahead of the security establishment. Hence, every phishing attempt must come to the notice of the IT security team or concerned agency.

As law-abiding citizens, it is our prime responsibility to have phishing prevetion service as well as keep our eyes and ears wide open and take necessary action to prevent an innocent and unsuspecting person from becoming a phishing victim.

Enterprise-class email protection without the enterprise price

For flexible per-user pricing, PhishProtection’s integrated email security solution protects your employees from business email compromise (BEC) and many other email threats. 24×7. On any device. With features you’d expect in more expensive solutions:

All Plans Come With

  • Stops business email compromise (BEC)
  • Stops brand forgery emails
  • Stop threatening emails before they reach the inbox
  • Continuous link checking
  • Real-time website scanning
  • Real time alerts to users and administrators
  • Protection with settings you control
  • Protection against zero day vulnerabilities
  • Complete situational awareness from web-based console

Join 7500+ Organizations that use Phish Protection

Phish Protection works with System Administrators, IT Professionals and IT Executives in thousands of companies worldwide. Sign up and protect your organization from phishing attacks in less than 5 minutes