Phishing 101: How to identify and report a phishing attempt

Last updated: August 13, 2024

Alerting user there's a phishing attempt

Do you know what to do if you experience a phishing attempt? Protect your accounts and your data from phishing by following these tips to identify and report phishing.

What are the common red flags of phishing?

Phishing attempts may have one or more of the following red flags: 

A strong sense of urgency and/or odd requests

Phishing emails often request that you complete a task quickly so that you don’t have time to consider or think about the request. A common example is when attackers tell victims that their email account will be closed if they don’t take an action, such as clicking a click to provide their login credentials. View an example.

Request for sensitive or personal information

Legitimate organizations are unlikely to request sensitive or personal information through email, so a request for this information is often a sign of a phishing attempt. U of T staff, faculty and students will never be asked to share their UTORid password.

Spelling and grammar mistakes

Check for spelling mistakes and grammatically incorrect sentences. If you are already suspicious, these mistakes can be an indication of a phishing email. View an example.

Brief signatures and generic greetings

The email signature may be missing crucial information like an address or phone number, while the greeting may use phrasing such as “good afternoon,” “dear customer” or no greeting at all rather than your name. View an example.

Prompts to download attachments or click links

Phishing emails aim to trick you into opening attachments, clicking links or scanning QR codes that are malicious. Attachments might include fake images or icons to make it look like the sender is sharing a document you are expecting. Fake links might be hyperlinked so that the display text seems legitimate, but the hyperlinked address is malicious. View an example.

If you receive a suspicious email in your U of T inbox, follow the steps below to report it. 

What can I do if I suspect a phishing attempt?

  • Do not interact. Do not click on links, download attachments, provide personal information or forward it to your contacts.
  • Report the email by selecting the U of T Report Phishing button.
  • If you are not using Outlook, forward the email to report.phishing@utoronto.ca and then delete it from your inbox.
  • If you already engaged with the sender or clicked on a link or attachment, contact security.response@utoronto.ca immediately for assistance.

If you don’t know where to find the button, refer to the screenshots provided.

View for Outlook Web (OWA) users and PC desktop app users:

The U of T Report Phishing button is accessible directly from your toolbar. 

Outlook tool bar highlighting the U of T report phishing button on the right

View for Outlook mobile app users and Mac desktop app users:

The U of T Report Phishing button is accessible from the ellipses (…) in the email window.

Screenshot showing the location of the menu button that allows you to access the U of T Report Phishing function.
Screenshot showing the location of the menu button that allows you to access the U of T Report Phishing function.

If you don’t see the U of T Report Phishing button in OWA or your Outlook app, you may need to manually add it to your customized toolbar.