Report Phishing E-mail - Cofense Reporter


Report Phishing E-mails

The LSU IT Security and Policy (ITSP) Team has deployed Cofense Reporter, an application that provides users the ability to report suspicious e-mails to the ITSP team quickly and efficiently. The application will be available for all @lsu.edu mailboxes automatically without any user intervention.

The application is implemented with the University's Office365 environment and is compatible with the following mail clients:

 

IMPORTANT NOTE: 

  1. The application is not compatible with non-Outlook mobile clients such as Apple Mail or non-Outlook desktop e-mail clients such as Thunderbird.
  2. The application will only work for LSU's e-mail addresses, i.e. @lsu.edu e-mail mailboxes in Office365. The application will not be available for departmental e-mail services.
  3. If you do not see the Cofense Reporter icon in the Outlook client, please check the following:
    • Is the Cofense Reporter icon available in Outlook Web Access? (mail.lsu.edu)
    • Please ensure your system is configured to receive Windows and Windows Products (including Office) updates. If your system is on the lsu.edu domain, it will automatically receive the updates.
    • Ensure "Optional connected experiences" are enabled. To check go to File > Options, select the "Trust Center" from the left sidebar, click the Trust Center Settings" button. A new "Trust Center" window will pop up. Select "Privacy Options" on the sidebar and click the first "Privacy Settings..." button. In the new "Privacy Settings" window the Enable optional connected experiences box must be checked. If the box is not checked your client will not be able to download and utilize the plugin. 
    • After running the Windows Update, if the icon still does not appear, please contact ITSP at security@lsu.edu

 

How to report a suspicious e-mail using the Outlook Web Client (OWA):

Note: Currently, Microsoft is rolling out a new experience for OWA. You may have been moved to the new experience automatically or could have opted into the new experience manually. The instructions below highlight user experience for both old and new experience.

1. Select the e-mail you believe to be a phishing message (Note: Do NOT click any links within the message or reply to the message).

2.     Open the email then locate and click the three dot action menu for "More actions." At the bottom of the list, select the purple and gold fish icon for the opened/selected message. (We recommend adding the report phishing icon to the top menu to make it easier to find and use by following these steps below: How to pin the Report Phishing icon in OWA)

   Menu list item under new Outlook experience


3. Once clicked, a message will appear on the right side of the browser window requesting you to select "OK" to report the e-mail to the ITSP Team.  
Note: This add in relies on the ability to access LSU's Cofense Reporter server to load additional scripts and information to process the phishing report. Certain applications, like Privacy Badger, or other privacy-focused applications that can block external scripts, cookies, etc from loading, may hinder your ability to load the files required to submit a phishing message. If your privacy plugins are interfering with loading the plugin, please add "phishme.lsu.edu" to your plugin's whitelist. 

Additionally, IE users may experience difficulty loading the plugin when accessing mail at "outlook.office.com." If the plugin fails to load in IE, please navigate to outlook.office365.com instead or use an alternate browser.

OK button in the Report phishing pop up

  • After "OK" is clicked, the e-mail and all relevant information related to the e-mail will be reported to the ITSP Team. The e-mail will also be removed from the Inbox.

 

[back to top]

How to Pin the Report Phishing Icon in OWA

To make it easier to report phishing, you can pin the report phishing icon to the top of each message, next to the reply and forward buttons.

  1. From the top toolbar in OWA, select the Settings cog and search for "message surface"
    Search for message surface in the OWA settings menu
  2. Select Message surface to open the Message surface settings.
  3. From the Customize actions > Message surface menu, check the box for Report Phishing.
    Select the box for report phishing to enable it on the message surface
  4. The report phishing icon will no longer need to be found under the action items menu when you would like to report a message.

[back to top]

How to report a suspicious e-mail using the Outlook Desktop Application:

1. Select the e-mail you believe to be a phishing message (Note: Do NOT click any links within the message or reply to the message).

2. Locate and click the purple and gold Report Phishing icon located at the top right of the options bar (ribbon) for the opened/selected message. An example from an Outlook Desktop Application is below:

Report Phishing button - Outlook desktop app


3. Once clicked, a message will appear on the right side of the e-mail window requesting you to select "OK" to report the e-mail to the ITSP Team.

"OK" button in the report phishing pop up


  • After "OK" is clicked, the e-mail and all relevant information related to the e-mail will be reported to the ITSP Team. The e-mail will also be removed from the Inbox.

[back to top]

How to report a suspicious e-mail using the Outlook for Android or iOS:

Cofense reporter is now available as an add-in for Outlook on Android and iOS.

1. Open the message that you would like to report. Press the "..." in the top right corner for the message (not the "..." in the top of the application)

2. Select the Report Phishing button in the bottom drawer.

Report Phishing button - Outlook mobile


3. The add-in will process the message. Click "OK" in the report phishing window to submit the -mail and all relevant information to the ITSP team. The e-mail will be removed from the inbox.

"OK" button in the report phishing pop up


     

[back to top]

If you have any questions regarding Cofense Reporter, please reach out to the LSU IT Security and Policy Team at security@lsu.edu.

19636
6/9/2020 10:54:50 AM