Report Email Scams

Did you get a suspicious email or text?

If you received a suspicious email or text message, it may be a scam. Hackers may be trying to lure you into giving them personal information, like your password. They often do this by impersonating others, like someone from an IT help desk. Remember, ISU employees will never ask you for your password or login codes. Iowa State ITS will also never suddenly close your account. 

Here's what to do if you encounter a suspicious email or text.

If you received an email or text asking for personal info (like your password through a fake web form)...

• Report the message to the IT Security team, using the instructions below.

If you received an email or text asking for your MFA or login code...

• Send a message to the IT Security team, security@iastate.edu, describing the situation. The hacker may already have your password, but cannot yet access your account. The IT Security team will help you protect your account.

If you received a suspicious message and provided personal information, like your password...

• Send a message to the IT Security team, security@iastate.edu, describing the situation. The IT Security team will help you protect your account.

If you received a suspicious message and provided banking information, like a credit card number...

• Contact the ISU Police, describing the situation. Also contact the IT Security team, security@iastate.edu, who will help you protect your ISU account.

Report a suspicious message in Outlook

Microsoft Outlook has a built-in way for you to report phishing emails to the IT Security team. ITS prefers you use this method, since we will get a copy of the email and all the additional information we need to respond to the attack. Microsoft also gets a copy they can use to improve their phishing email filters.

In Outlook (desktop application) 

1. In the message list, select the message you wish to report 
2. At the top, make sure the Home tab is selected.
3. In the upper toolbar, select Report Message.
   
4. In the pulldown menu, select Phishing.
   

In Outlook (web application) 

1. With the suspicious message selected, click the Report button.
2. In the pull-down menu, click Report Phishing