I received a phishing message. Should I forward it to IT?

"Anatomy of a Fish Hook" Diagram, source: WikipediaIf you are wondering if a message is phishing or legitimate, we are always happy to offer an expert opinion. In those cases, please feel free to forward the message to lshelp@ucdavis.edu, and we will get back to you shortly. You can also find our tips for recognizing phishing messages here.

If you think you may have accidentally responded to a phishing message, whether by email or by clicking on a link in a phishing message, please see this campus knowledge article on what to do: What should I do if I think I have responded to a suspicious email message?

But, if you are sure that a message is phishing, the short answer is that it’s not worth forwarding phishing messages to us or to IET in the vast majority of cases, as there is very little we can do about them.

The exception to this is when you receive a very novel or particularly convincing phishing message, where it seems very likely that the message may fool others into taking action. In these cases, please forward the message to lshelp@ucdavis.edu to give us a heads up!

For example, we had a recent spate of gift card scams that were highly targeted—they appeared to be from the department chair or dean and were sent just to faculty in the department. In those rare cases, we send out a blanket security notice to all of our clients. (But we try to be very judicious about sending out those notices so that they hopefully don’t just become more noise.) In these cases, it was very helpful for our clients to send in these messages to make us aware of them.

So, we encourage you to forward phishing messages to us (at lshelp@ucdavis.edu) in two cases:

  1. If you just want a second, expert opinion on whether or not it’s phishing, and
  2. If you think it’s a particularly convincing or effective phish.