Do you need to report email phishing? Find out if Cornell already knows about it, and thus no need to report it.
What you can do
- If you mistakenly click on what you discover was a phishing email, please contact us right away to ensure your credentials are not stolen.
Good news
You are not expected to report email phishes already known* to IT Security Office (ITSO). Those known are listed within Cornell's Phishbowl:
If you don't see the suspect email in the Phishbowl, you are encouraged to send the example directly to the IT Security <security-services@cornell.edu>, per the Phishbowl page, above.
- Not only can ITSO then add the example to the Phishbowl, they will often also ensure that links within phishing emails steer folks away from suspect web sites (and obviously one should not rely on that service!).
Too many of these phishing email, and it's ridiculous, isn't it?!