Is this email safe to open? How to check a suspicious or phishing email
If you receive an email and are not sure whether it is safe, follow the guidance below before opening links, attachments, or replying.
This guide helps you determine whether an email might be spam, phishing, or malicious.
đź‘Ť If you are sure the email is spam or phishing
If the email is clearly spam or a phishing attempt, you should report it using the Report button in Outlook.
This allows IT and Microsoft to analyse the message and block similar emails.
See how to report emails here:
Outlook Desktop Application Video!
Outlook Web App Online Video!
🤔 If you are unsure whether the email is safe
If you are not sure whether an email is legitimate, the IT team can investigate it for you.
To investigate, we need access to the email headers, which are only available when the email is attached to a ticket.
How to send the suspicious email to IT
- Open the email in Outlook
- Right-click the email
- Select Copy
- Paste the email file into a Suspicious Email Service Request ticket Suspicious Email SR
OR
Drag and drop the email into a new email message and send it to IT.
Watch how to do this here: Drag and Drop
⚠️Important security advice
To stay safe, always follow these rules:
- Do not click links or open attachments in suspicious emails
- Do not reply to the email unless you are certain the sender is trusted
- Do not click unsubscribe links in suspicious emails
-
Replying to spam confirms your email address is active and may result in more spam
Known legitimate emails you may receive
ESR – Prod Workflow Mailer
Emails from Prod Workflow Mailer are legitimate notifications from ESR.
If you are unsure about the message, you can log into ESR directly and check the notification within the portal.
Microsoft Phishing Training Emails
You may receive a message titled:
"You have training(s) to complete"
These emails are part of phishing awareness training.
For more information about these training emails, click here