US-CERT is collecting phishing email messages and web site locations so that we can help people avoid becoming victims of phishing scams.

You can report phishing to us by sending email to phishing-report@us-cert.gov

Forward the message, including the headers.

• You can forward a message without double clicking to open it in a new window. Highlight the email in the message list of your inbox and follow the directions for your particular mail client:

  In Netscape/Mozilla/Thunderbird Mail
  

  • Select View > Headers > All
  • Select Message > Forward As > Inline
  • Address the forwarded message to phishing-report@us-cert.gov

  
  In Outlook Express

  • Forward the message As an attachment.
  • Address the forwarded message to phishing-report@us-cert.gov

  
  In Mulberry

  • Select Message > Forward. Select the option Include Headers in quote. Click the Forward button.
  • Address the forwarded message to phishing-report@us-cert.gov

  If you are using an alternative to these email clients, please consult your documentation for instructions on how to forward messages with headers.

• In Outlook Express, you can create a new message and drag and drop the phishing email into the new message. Address the message to phishing-report@us-cert.gov and send it.

• In Outlook Express you can also open the email message^* and select File > Properties > Details. The email headers will appear. You can copy these as you normally copy text and include it in a new message to phishing-report@us-cert.gov.

• If you cannot forward the email message, at a minimum, please send the URL of the phishing web site.

Learn More About Phishing

• Avoiding Social Engineering and Phishing Attacks
• Protecting Your Privacy
• Understanding Web Site Certificates
• Anti-Phishing Working Group (APWG)
• Federal Trade Commission, Identity Theft