Office 365 - Obtain Message Headers to Report Phishing - Plain Text



How to obtain the E-mail header information to submit a phishing E-mail report to the ITS Help Desk for processing. This works if the message is a plain text email message. You can tell the message format by looking at the title bar of the message window. It will appear as "Subject of Message - Message (Plain Text)"

In order for our E-mail filters to get updated, Information Technology Services needs to have some vital information from the original phishing message.  Simply forwarding the message to the Help Desk does not provide this information.  Here is how to obtain the "Source" and submit it to the Help Desk.  

This documentation is for the Outlook desktop client, not the web (OWA) client.  If you are using Outlook Web App (OWA), please see Office 365 - Obtaining Message Headers to Report Phishing (OWA) 

Note:  If the message is HTML, please see document - Office 365 - Obtain Message Source to Report Phishing - HTML

  1. Double-click the message to open it in a new window.

  2. Click on the "File" tab, then "Info", then "Properties".

  3. Select the header information by clicking inside the box and pressing Ctrl+A.  Then copy the text by right-clicking then choosing "Copy" or pressing Ctrl+C.

  4. Paste this text into a Word or Notepad document, save it, then email the file to the Help Desk ( This information will allow our system admins to block dangerous content at our firewall.
  5. Once again, select the message in your Inbox and click the "Junk" button at the top of the message list to block the sender.  This helps Office 365 to recognize the sender and block future messages. The message will automatically be sent to Deleted Items.
Was this article helpful?
0 out of 0 found this helpful