Back to Header Analyzer

How to Report Phishing

Your reports help authorities track down cybercriminals and protect others

Why Your Report Matters

  • Helps law enforcement track and prosecute cybercriminals
  • Enables companies to take down phishing websites faster
  • Improves spam filters and email security for everyone
  • Provides data for cybersecurity threat intelligence
  • May help recover stolen funds in BEC cases
  • Protects others from falling victim to the same attack
  • Required for insurance claims and legal proceedings
  • Helps identify patterns in large-scale phishing campaigns

Received Phishing at Work?

CRITICAL

Contact IT/Security Team Immediately

Your company's incident response team needs to know right away

HIGH

Preserve All Evidence

Don't delete the email - IT needs to analyze it

HIGH

Follow Company Incident Response Procedures

Your organization likely has specific reporting protocols

MEDIUM

Report to External Authorities

IT team will coordinate with FBI/law enforcement if needed

Step-by-Step Reporting Guide

1

Forward as Attachment (NOT as Forwarded Email)

This preserves all headers for investigation

  • In most email clients: Create a new email
  • Drag the phishing email into the new message as an attachment
  • Or use 'Forward as Attachment' if your client has this option
  • Gmail: Click the 3 dots menu → 'Forward as attachment'
  • Outlook: Click 'More' → 'Forward as attachment'
2

Include Key Information

Help investigators by providing context

  • Date and time you received the email
  • What actions you took (clicked link, downloaded file, replied, etc.)
  • Any financial loss or compromised accounts
  • Screenshots of the phishing email
  • Any URLs or phone numbers from the email
  • The full email headers (if possible)
3

Report to Multiple Channels

Each organization plays a different role

  • Always report to FBI IC3 if there was financial loss
  • Forward to APWG to help track global campaigns
  • Forward to the impersonated company
  • Report to your email provider using their built-in tool
  • Forward to FTC for consumer fraud tracking
4

Do NOT Reply to the Phishing Email

Never engage with attackers

  • Don't click 'unsubscribe' - confirms your email is active
  • Don't reply with angry messages - waste of time
  • Don't try to 'hack them back' - could be illegal
  • Simply report and delete

U.S. Federal Authorities

FBI Internet Crime Complaint Center (IC3)

HIGH PRIORITY

Primary federal agency for internet crime including BEC, ransomware, and wire fraud

https://ic3.gov

When to report: Any phishing involving financial loss, BEC/CEO fraud, ransomware, or wire transfer requests

Federal Trade Commission (FTC)

HIGH PRIORITY

Consumer protection agency - tracks fraud trends and patterns

https://reportfraud.ftc.gov
spam@uce.gov

When to report: Identity theft, consumer fraud, deceptive business practices

U.S. Secret Service (USSS)

Investigates financial crimes and cyber-enabled fraud

Local USSS field office

When to report: Large-scale financial fraud, counterfeit currency phishing, payment card fraud

Industry Organizations

Anti-Phishing Working Group (APWG)

HIGH PRIORITY

Global industry association that shares phishing intelligence

https://apwg.org
reportphishing@apwg.org

When to report: All phishing emails - helps track global phishing campaigns

U.S. Computer Emergency Readiness Team (US-CERT)

National cybersecurity coordination center

https://us-cert.cisa.gov/report

When to report: Critical infrastructure targeting, large-scale attacks, advanced persistent threats

Impersonated Companies

PayPal

Forward phishing emails pretending to be from PayPal

phishing@paypal.com

Amazon

Forward phishing emails pretending to be from Amazon

stop-spoofing@amazon.com

Apple

Forward phishing emails pretending to be from Apple

reportphishing@apple.com

Microsoft

Forward phishing emails pretending to be from Microsoft/Office 365

phish@office365.microsoft.com

Google/Gmail

Forward phishing emails pretending to be from Google

abuse@google.com

IRS

Forward tax-related phishing emails

phishing@irs.gov

Bank/Financial Institution

Check your bank's website for their specific phishing/fraud reporting address

Email Provider & Hosting

Your Email Provider

Report phishing to your email provider (Gmail, Outlook, Yahoo, etc.) using their built-in 'Report Phishing' button

When to report: All phishing emails - helps improve spam filters

Sender's Email Provider/Web Host

Look up the sender's domain ownership and report abuse to their hosting provider

abuse@[provider].com

When to report: Helps get phishing sites taken down faster

Get Automated Analysis Before Reporting

Forward suspicious emails to PhishCheck for instant AI-powered analysis with detailed verdict, confidence score, and security recommendations. Then use our report to file with authorities.

Quick Reference: Most Important Reports

Any Financial Loss or BEC:

FBI IC3: ic3.gov

All Phishing (Helps Everyone):

APWG: reportphishing@apwg.org

Consumer Fraud:

FTC: reportfraud.ftc.gov

AI-Powered Analysis:

PhishCheck: phish@check.craigpeterson.com