Reporting Phishing E-mails

Subject: Identifying and Reporting Phishing E-mails

With reports of suspicious or phishing emails on the rise, it is important that you have the knowledge and tools to recognize and report a suspicious or phishing email and the proper manner to remove these types of potential cyber threat messages from your mailbox.

Phishing is a common cyber attack that targets individuals through email, text messages, phone calls, and other forms of communication. A phishing attack aims to trick the recipient into falling for the attacker’s desired action, such as revealing financial information, system login credentials, or other sensitive information.

As a popular form of social engineering, phishing involves psychological manipulation and deception whereby threat actors masquerade as reputable entities to mislead users into performing specific actions. These actions often involve clicking links to fake websites, downloading and installing malicious files, and divulging private information, like bank account numbers or credit card information.

Here is a sample of a suspicious or phishing email:

Included below are the steps we asked you to follow to properly report a suspicious or phishing email.  It is imperative when you are opening a suspicious e-mail you do not open attachments or click on any links embedded in the email.

When you receive a message you believe to be a phishing attempt, please do not delete it.  Report the message as a phishing attempt by clicking on the 3 dots next to the reply arrow(s) and choose "Report phishing":
 

You will then be prompted to confirm your reporting of the selected message as such, and it will be removed from your mailbox.  Information on the phishing e-mail will be retained by Google for threat analysis and they will attempt to catch similar messages in the future before they get to your mailbox or spread to other LACMA staff e-mail boxes.

Please create a ticket at https://support.lacma.org, to request assistance if unable to complete the process outlined above or if unsuccessful in reporting and removing a suspicious or phishing message from your email box.

We appreciate your support in reporting and removing potential phishing cybersecurity threats via the Google reporting process.