Log in links for this page

How to Report a Phishing Email

The following guide will outline the method for alerting the appropriate EOTSS personnel if you believe you have received a phishing email.

EOTSS Security Operations Center

The Details   of How to Report a Phishing Email

What you need   for How to Report a Phishing Email

The Commonwealth has been, and will continue to be, a target of phishing schemes and other web-based scams. It is incumbent upon us to remain vigilant.

Please follow the steps listed below if you have reason to believe you received a phishing email. 

Click here for instructions on how to use the PAB across Desktop, Web, and Mobile app versions of Microsoft Outlook

How to report   How to Report a Phishing Email

You are no longer required to manually forward suspect messages to the EOTSS SOC. Per EOTSS’s new incident reporting processes, the PAB should now be the primary method by which you report suspected malicious messages.

  1. The PAB icon should be visible in the Outlook ribbon at the top of your screen. 

    PAB user guide1
  2. When viewing a suspected message, click the PAB to the initiate the reporting process.

    PAB user guide2
  3. You will now have the option to classify the message as either PHISH/SUSPICIOUS, SPAM, or UNKNOWN and enter comments up to 360 characters in length (optional).

    PAB user guide3
  4. After classifying the suspect message and entering your comments, click the PHISH ALERT button.

    PAB user guide4
  5. After clicking the PHISH ALERT button you will receive a confirmation popup that the suspect message was successfully reported to the EOTSS SOC.

    PAB user guide5

Next steps   for How to Report a Phishing Email

What if I interacted with the Phishing Email?

In most cases, phishing emails can be deleted and ignored once appropriately reported. However, if you've interacted with a phishing email, such as clicked on a link or provided sensitive information in response, please reach out to the EOTSS Security Operations Center to discuss next steps.

Contact   for How to Report a Phishing Email

Help Us Improve Mass.gov  with your feedback

Please do not include personal or contact information.