Do you need to report email phishing? Find out if Cornell already knows about it, and thus no need to report it.

What you can do

• If you mistakenly click on what you discover was a phishing email, please contact us right away to ensure your credentials are not stolen.

Good news

You are not expected to report email phishes already known* to the IT Security Office (ITSO). Those known phishing emails are listed within Cornell's Phishbowl:

• http://www.it.cornell.edu/security/phishbowl.cfm

If you don't see the suspect email in the Phishbowl, you are encouraged to send the example directly to the IT Security <security-services@cornell.edu>, per the Phishbowl page, above.

• Not only can ITSO then add the example to the Phishbowl, they will often also ensure that links within phishing emails steer folks away from suspect web sites (and obviously one should not rely on that service!).

Too many of these phishing email, and it's ridiculous, isn't it?!

Learn not to get scammed

To help protect yourself and reduce you worrying if a suspect email is indeed a scam attempt, please review CIT's page on how to spot such fraudulent emails:

• https://it.cornell.edu/security-and-policy/spot-fraudulent-emails-phishing

See also

• Scam-proof Physics staff