The Phish Alert Button, which has been provided by our cyber security training partner, KnowBe4, is a great tool to use for reporting suspicious emails. Using this tool allows you to easily report email threats to OIT for analysis and then deletes the email from your inbox to prevent future exposure. Once reported, the tool will provide immediate feedback letting you know if the message you reported was a simulated phishing test or something else. 

If you receive a suspicious email message that you suspect is a phishing attempt, then use the Phish Alert button to report it. Please review the information below to learn more about the Phish Alert button and how to use it.

NOTE: YOU SHOULD NEVER FORWARD A SUSPICIOUS EMAIL TO OIT OR TO ANY OTHER INDIVIDUAL. YOU JUST NEED TO USE THE PHISH ALERT BUTTON, AS SHOWN BELOW.

**This guide covers how to use the Phish Alert button from a desktop. For steps to use the Phish Alert button in the Gmail app on your mobile device, please check out this article.**

1. The email in the following screenshot is fraudulent. Click on the fish hook icon to begin the reporting process:

2. Here you will want to click "Phish Alert" to confirm that you want to report it as a phishing attempt:

3. You will then get the following confirmation message. The message in the example appears if the email was a phishing test. If it was not a phishing test, there will be a different message, but the process is identical.