Microsoft Outlook: How to Recognize, Avoid, and Report Phishing Emails

Phishing emails are messages that may or may not appear legitimate but are intended to obtain your personal information in order to steal your money or identity. Bank account information, credit card numbers, and passwords are examples of personal information that could be stolen. Knowing how to recognize phishing attacks and avoid them is especially important because such emails are becoming more common and complex.

How to Recognize and Avoid a Phishing Attack

When it comes to phishing attempts, there are various levels of quality. Less dangerous are the ones you can easily conclude they’re fraud due to poorly elaborated style, including spelling mistakes, and are not addressed personally. However, phishing emails often appear trustworthy to the victim due to their genuine and relevant appearance, especially when messages are individually designed and social engineering techniques are used.


Use the save desktop search solution Lookeen to improve your email management!

Even though some phishing emails are quite elaborate and thus pose a high risk, the attempts share some characteristics. Being aware of what to look for may be the best strategy for avoiding such, which is why companies should educate their employees.

1) Poor Language Style

Some phishing attempts appear very trustworthy due to their high-quality appearance; however, many phishing emails are poorly designed, including spelling errors. This is a clear indication that it is frivolous. Do not open or click on it, and instead instruct your email provider to route emails from such providers to your spam folder.

2) Demand for Urgent Action

Attackers frequently aim to rush victims into actions, which is why social engineering methods and threats of negative consequences are commonly used to compel users to take immediate action. Always examine an email for inconsistencies and avoid opening any links or attachments.

3) Faked Provider Address

It is especially important to check the consistency of email addresses, domain names, and links when suspicious about an email. Moving your mouse pointer over the link may reveal additional information about it. Furthermore, there are two simple rules to follow before opening a link or attachment:

1) Ignore the appearance of the email. Nowadays, attackers can easily create an email that appears professional and serious. You should not be impressed by company logos, names, or images, but you should always double-check a link before clicking on it.

2) Hover your mouse over the link to see its actual destination address. Ignore everything after the first slash but before the last dot before the slash, also known as the “second-to-last-dot2.” Scammers cannot change this part of any link because it is the “root domain name” and must be owned.

Example: the highlighted part cannot be modified.

4) Unfamiliar Salutation

In today’s digital world, attackers are increasingly able to obtain personal information about you. A quick search of your social media channels will often reveal information about friends and coworkers, making it simple to personalize phishing. However, if an email purporting to be from someone you know contains an unfamiliar or inappropriate word, you should be suspicious. It could be an indication of a phishing email.


Are you tired of searching endlessly for messages, contacts, or documents? Lookeen is your solution!

5) Suspicious Attachments and Email Requests

Nowadays, most work-related files are sent using collaboration tools like OneDrive. As a result, an email with an external attachment poses a risk. Be especially wary if it has an unfamiliar extension or one such as -zip., exe, or .scr, which are commonly associated with malware.

6) Request of Sensitive Information Like Payment Information or Login Credentials

Never enter your personal information unless you are certain that it is genuine. Remember that phishing attackers can easily create fake login pages that appear to be real nowadays. A request for private information is a common indicator of phishing emails and should always be treated suspiciously, especially if the importance of the action is emphasized.

7) Unrealistic Promises

Some emails appear to be too good to be true, and the reason is usually simple: they are! When messages make unrealistic promises, such as winning the lottery or receiving another type of reward for clicking on a link or opening an attachment, it is most likely a phishing email.

How to Report Phishing Attempts

When an email contains a phishing attempt, it is critical to take the necessary action and report it. You can protect yourself and others in this manner.

Use Outlook’s “Report Message” feature in the “Protection” section of the upper ribbon. This has several consequences:


  • The message gets removed from your inbox.
  • It helps Microsoft improve its automated phishing-detecting system.
  • Other people from your organization will not receive the same message

 Note: You might need to install the Outlook Add-in first.


A desktop search solution you can trust? Try Lookeen for free!

Report Phishing Emails in Outlook’s Mobile App

Step 1: Click the 3 dots next at the top of the email next to the trashcan symbol.

Step 2: In the drop-down menu select “Report Junk”.

Step 3: This enables you to select between “Junk” or “Phishing”.  

What has your personal experience been with phishing attempts, and do you have any additional tips? Feel free to share it in the comment section!


See you soon!

Aline & the Lookeen team

Share with:


Leave a Reply

Your email address will not be published. Required fields are marked *

Popular Posts:

Lookeen Newsletter

Subscribe to the Lookeen newsletter to get the latest updates and content first.