PhishAlarm Google Mail Add-On

For Students, Faculty, Staff, Guests, Alumni

What is Phishing?

Phishing is a fraudulent attempt to obtain sensitive information, such as personal details or account credentials, by disguising it as a trustworthy entity. These deceptive emails, messages, ads, or websites often mimic legitimate services you regularly use. For instance, you might receive an email that looks like it's from your bank, asking for confidential information like your account details.

Phishing scams can take various forms, including:

  • Requests for personal or financial information.
  • Prompts to click on suspicious links or download harmful software.
  • Impersonation of reputable organizations, such as your bank, workplace, or a social media platform.
  • Imitation of someone you know, like a family member, friend, or coworker.

Why Use PhishAlarm?

The PhishAlarm Google Mail Add-in makes it easy to report potential phishing emails with just a click. PhishAlarm is also available on your mobile device.

Here’s how to report suspicious emails using the PhishAlarm button:

  1. Open the email you suspect is a phish.
  2. On the right-side panel of the Google Mail interface, click the PhishAlarm button.

PhishAlarm button appears in the gmail panel on the right side of the screen

  1. On the “Report Phish?” screen, select Report Phish.

On the “Report Phish?” screen, select Report Phish.

  1. When prompted, select Report Phish again to send the suspicious email for analysis.

Confirm Report Phish

  1. After confirming your action, you'll see a message thanking you for the report.

Thank you for reporting a suspicious email. It has been forwarded to Information Security and Assurance for further review. Your actions are helping to keep University Email communications safe.

  1. A Service Desk ticket will be automatically generated to investigate the reported phishing attempt.

How to Avoid and Report Phishing Emails

To protect yourself from phishing attempts, follow these tips:

  1. Never share sensitive information (like usernames, addresses, bank details, or passwords) in response to unsolicited messages.
  2. Avoid entering your password after clicking on links in messages.
  3. Be cautious of messages that seem urgent or promise something that sounds too good to be true.
  4. Pause and think before you click any links or download attachments.

By following these practices, you can significantly reduce the risk of falling victim to phishing attacks.

For more information about phishing and spam, including current known activity at Fordham, subscribe to the Fordham SecureIT blog.

Need Help?


Walk-In Centers

McShane Center 266 | RH
Leon Lowenstein SL18 | LC

View Our Walk-In Hours