Office 365 - Obtain Message Source to Report Phishing - HTML



How to obtain the full E-mail source information to submit a phishing E-mail report to the ITS Help Desk for processing. This works if the message is an HTML mail message. You can tell the message format by looking at the title bar of the message window. It will appear as "Subject of Message - Message (HTML)"

In order for our E-mail filters to get updated, Information Technology Services needs to have some vital information from the original phishing message.  Simply forwarding the message to the Help Desk does not provide this information.  Here is how to obtain the "Source" and submit it to the Help Desk.  

This is only possible from the Outlook desktop client, not the web (OWA) client. If you are using Outlook Web App (OWA), please refer to Office 365 - Obtaining Message Headers to Report Phishing (OWA) 

Note:  If the message is Plain Text, please see document - Office 365 - Obtain Message Headers to Report Phishing - Plain Text 

  1. Double-click the message to open it in a new window.

  2. In the "Message" tab on the ribbon toolbar, locate the "Move" section and click on "Actions" > "Other Actions" > "View Source"  The source will open in a new Notepad document.

  3. Click "File" > "Save As" in the Notepad document and save the text file to a known location (typically Downloads, Documents, or Desktop).
  4. Compose a new email message to the Help Desk ( and attach the text file you just saved.This information will allow our system admins to block dangerous content at our firewall.
  5. Once again, select the message in your Inbox and click the "Junk" button at the top of the message list to block the sender.  This helps Office 365 to recognize the sender and block future messages. The message will automatically be sent to Deleted Items.
Was this article helpful?
0 out of 0 found this helpful