The University has various mechanisms for managing spam and phishing attempts conducted via email. ITS continues to work on reducing the volume of nuisance email delivered to Yale inboxes. In support of this work, there are actions you can take to protect yourself, including a recently released feature for Microsoft 365 to report messages.

 

What should I do if I've submitted my Yale NetId credentials to a phish?

Call the ITS Help Desk at 203-432-9000 and report that your credentials have been compromised.

 

Determining if an email is considered spam or phish.

The first step in knowing how to handle spam and phishing emails is to understand which type of message you have received.

• Spam is an unsolicited nuisance email.
  • These usually appear as commercial messages sent to many recipients.
  • These can also include any unwanted content.
  • Discard spam using the methods described further in this article.

• Phishing messages try to collect information.
  • These typically try to convince you to provide protected information, such as a password, or other non-public / sensitive information.
  • These often include links and/or attachments.   
  • Phish messages often appear to be sent from ITS, senior leaders, or other groups with authority.
  • Please report phishing messages using the methods described further in this article. 

 

Reporting Phish

Individuals should actively report phish messages. Reporting phish alerts our vendors Microsoft and Google, improving their phishing detection mechanisms, and providing better capability to block traffic from the same malicious actors in the future.

     Microsoft 365 Email

1. Select or open the message you'd like to report as spam.
2. In the Outlook Ribbon (toolbar), select the Report Message button and choose Phish.

     Following these steps will:

• • Immediately move the message to your Deleted Items folder.
  • The message will be analyzed and an automatic reply sent back to you with a verdict of the analyzed message.
  • Contribute to the spam reputation (score for tracking of complaints for sending spam) of the sender with various email reputation services. Higher spam reputation scores result in service providers blocking more mail from that sender.
  • You can also see Microsoft 365 Email: Blocking or allowing a sender for more information in managing your Block and Allow Senders lists in Microsoft 365.

     EliApps

     Please follow the directions in EliApps: Report Phish/Spam or Block a Sender to report the message as phish.

 

Reporting spam email

Yale manages spam using automated detection tools in the email service. Individuals may also use methods offered through the email system (Microsoft 365 or EliApps) to further manage spam on a personal level.

     Microsoft 365 Email

1. Select or open the message you'd like to report as spam.
2. In the Outlook Ribbon (toolbar), select the Report Message button and choose Junk.

     Following the steps will:

• Immediately move the message to your Junk folder.
• Adds the sender to your Blocked Addresses list, preventing the sender from reaching your Inbox again.
• Reports the message to our vendor, Microsoft, to improve their spam management Artificial Intelligence (AI), a tool the vendor uses to improve identification of these types of messages in the future.
• Contribute to the spam reputation (score for tracking of complaints for sending spam) of the sender with various email reputation services. Higher spam reputation scores result in service providers blocking more mail from that sender.
• For more information about managing your Block and Allow Senders lists in MS365, see: Microsoft 365 Email: Blocking or Allowing a Sender.

     EliApps

     Please follow the directions in EliApps: Report Phish/Spam or Block a Sender to report a message as spam.