Phishing refers to phone or email scams made by fraudulent parties, that attempt to trick you into divulging personal information such as

  • Usernames
  • Passwords
  • Credit card numbers
  • Bank account information. 

Phishing emails will use scare tactics, urgent requests and attachments to trick you. 

If you are asked in an email to open an attachment or click on a link, assume it is phishing. 

They claim and are made to look like they are from organizations with whom you have a legitimate business relationship.   

Phishing attacks can come in the form of a phone call or email message. 

See Monthly examples by clicking here

How do I avoid phishing scams?

  • Be suspicious of ANY email that asks you to provide personal information by replying to the message or clicking a link.
  • Be suspicious if:
    • The sender is unknown (and be aware that the scammers can make the email to appear to be from a trusted source)
    • The email is not expected
    • Anything seems out of the ordinary, like format, grammar or reply-to address.
  • Remember that neither MSU nor any reputable company will EVER ask for a username or password vial email.
  • When in doubt, ask for help before you act.  Contact the UIT Service Desk at 406-994-1777 and ask them to take a look or contact the company who purportedly sent the message as you would normally to verify the message's content. 

I received a phishing email. Now what?

  • Use the Outlook Report Button

    • What is the Outlook Report Button?

      • The Outlok Button allows you to report a phishing email via your Outlook desktop applicationOutlook on the web or Outlook mobile application.

      • This is the easiest and fastest way for your to report Phishing!

      • Using thew Report Button will empower University Information Technology to review the email and take immediate action.

      • We ask you to report phishing emails using the Outlook Report button. 

      • Once you report a Phishing email using the Outlook Report button, the process will automatically move the email into your deleted items. 

      • The Outlook Report button will not appear in third party mail applications.

      • We recommend that all students and staff utilize the Outlook mail application or Outlook on the web. 

    • How do I use the Outlook Report Button?.

      • Instructions for OWA: Outlook Online (Web Access)
        • Without Opening Email
          • If you can identify that the email is Phishing, without opening it, you can report it using this process. 
            1. Right Click on the row of the Phishing email. 
            2. Look for the work REPORT with a Shield to its left. 
            3. Click on this and report it as Phishing.
  • Phish Button in Outlook Web Access
        • Email Is Opened /  Inside the Email
          •  If you opened the email, and then realize it is Phishing, follow these steps: 
            1. In the top left corner, you will see the Red Shield withthe word Report.
            2. Click on the downward chevron
            3. click on "Report Phishing"
  • OWA Phishing Button inside email
      • Instructions for Installed Outlook  application on a PC
        • Without Opening Email
          • If you can identify that the email is Phishing, without opening it, you can report it using this process. 
            1. Right Click on the row of the Phishing email. 
            2. Look for the work REPORT with a Shield to its left. 
            3. Click on this and report it as Phishing.
  • Windows PC Outlook Installed App Phishing Email Not Opened
        • Email Is Opened /  Inside the Email
          1. Click on the email message you would like to report.
          2. Click the Outlook Report button, in the top left corner of the email you want to report.
            • Alert Button in Email in Outlok App
          3. You will receieve a pop-up windown with the message  "Phishing messages are designed to obtain your personal information by impersonating popular brands or including malicious links in the body of a message."
            • Outlook Phishing Report Button Next Screen pop-Up
          4. Click the Outlook Report button, to report the message
          5. You will then see a banner appear in the top of the email that you report 
            • Outlook Phishing Reporting Button Post Report Banner
      • Instructions for Outlook on Mac
        • Without Opening Email
          • If you can identify that the email is Phishing, without opening it, you can report it using this process. 
            1. Right Click on the row of the Phishing email. 
            2. Look for the work REPORT with a Shield to its left. 
            3. Click on this and report it as Phishing.
            4. Phishing Mac Outlook Installed App Email Not Opened
        • Email Is Opened /  Inside the Email
          • Open your Outlook application.
          • Click on the email message you would like to report.
          • Click the Phish Alert Report button, in the top right corner of the email you want to report.
        • Outlook Phishing Button Location Mac
          • You will receive a pop-up window with the message  "Phishing messages are designed to obtain your personal information by impersonating popular brands or including malicious links in the body of a message."
        • Outlook Phishing Button Pop-Up Mac
          • Click the blue Report Button, to report the message
  • Report Phishing via Forwarding
  • If you receive a phishing message, instead of using the Outlook Alert Button, you can also forward it to phishing@montana.edu and then delete it promptly.

If you think you might have responded to a phishing scam with your MSU username and password, immediately change your password and notify the UIT ServiceDesk at 994-1777.

More information

Visit Stay Safe Online's Spam and Phishing section for more information on how to stay safe online and protect your personal information.