How to Report Phishing Emails
Why is cybersecurity in such a poor state? Companies spend large amounts of money in an attempt to ensure that their systems are as impenetrable as possible. Security experts also invest time and resources into educating themselves as well as others and trying to stay on top of all the new trends. Yet, vulnerable systems, scams, and successful cyberattacks are all around us. Why is that?
To put it simply, scams, cyberattacks and vulnerable systems are all around us because the Internet is an enormous place. You can spend thousands installing and setting up a new system with the latest security features, but by the time you've got it all up and running, someone on the other side of the world has already figured out how to break it.
You can also waste a huge amount of time trying to teach users how to stay safe on the Internet, and yet, you can be pretty sure that the next time they open their inbox, they'll click a link or two without giving it much thought. There's just too many people on the World Wide Web, and you can never really be sure what every one of them would do under certain circumstances.
Yes, it sounds very dystopian, but these are the facts, and right now, cybersecurity experts know that they can't stop all the attacks. They are doing everything they can to thwart as many as possible, however, and by flagging and reporting phishing emails and pages, you too can help make the Internet a tiny bit safer.
Why do we need to report phishing emails?
Everybody wins if you report phishing emails on a regular basis. The email providers are happy because their users enjoy a better overall experience. Internet companies like PayPal who get targeted by these types of scams are happy because their customers don't lose access to their accounts or money. You are happy as well because you've probably helped an innocent user stay out of trouble. But how do you report phishing emails exactly?
The procedure is relatively simple as long as you know where to look. Open the phishing email and click on the little arrow next to the reply button. From the Drop-down list, you need to select "Report phishing".
Once again, it's a couple-of-clicks affair. Open the phishing email, click on the arrow next to the "Junk" button, and click "Phishing scam".
With Yahoo!, things are a bit more complicated. If you're using Yahoo! Mail's classic layout, you can select the checkbox next to the phishing email, click the little arrow next to the "Spam" button in the toolbar, and select "Report a Phishing Scam". If you're using the Yahoo!'s new interface, however, the little arrow next to the "Spam" button is gone, and there doesn't seem to be any other method of reporting phishing emails to Yahoo!
In fact, users have complained about the lack of phishing reporting tools, and they've been told that their only option at the moment is to contact Yahoo!'s support department and hope for the best.
Reporting phishing through social media
Just search for the #phishing hashtag on Twitter, and you'll see how ubiquitous the threat is. You'll also see that plenty of people are trying to use the power of social media to warn both inexperienced users and companies whose clients are targeted by phishing campaigns.
If you decide to go down this path, make sure you tag the correct company account. Otherwise, your alert might end up lost among the thousands of tweets and posts coming out every second. If you're adding a screenshot, take the time to obfuscate your personal information.
Admittedly, this could be a frustrating experience as some companies don't react to phishing alerts as well as they should. If you've embraced the idea of trying to help, however, it's worth a try because when you think about it, phishing attacks are the easiest ones to stop from a technical standpoint. Actually, it could be all down to a hosting provider's Abuse team suspending an account or removing a few files. They need to know about the phishing attack, however, and by sounding the alarm bells, you can definitely help.