Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

How to Forward the Header of a Phishing E-mail

 

It is important that the original communication you received is included, as well as Internet headers. The following instructions will assist you in forwarding a phishing communication to us.

In MS Outlook
You can forward a message without double clicking to open it in a new window. Highlight the e-mail in the message list of your inbox and follow the directions for your particular mail client:

  1. Create a new message
  2. Drag and drop the phishing e-mail into the body of the new message. This ensures the original message is contained as an attachment with the appropriate Internet headers.
  3. Address the message to phishing@irs.gov and send it

Or

  1. Open the phishing e-mail message*
  2. Select View > Options. The Internet headers will appear. You can copy these as you normally copy text
  3. Forward the original message to phishing@irs.gov, with the copied message headers pasted into this message

In Outlook Express
You can forward a message without double clicking to open it in a new window. Highlight the e-mail in the message list of your inbox and follow the directions for your particular mail client:

  1. Create a new message
  2. Drag and drop the phishing e-mail into the body of the new message. This ensures the original message is contained as an attachment with the appropriate Internet headers)
  3. Address the message to phishing@irs.gov and send it

Or

  1. Open the phishing e-mail message*
  2. Select File > Properties > Details. The Internet headers will appear. You can copy these as you normally copy text
  3. Forward the original message to phishing@irs.gov, with the copied message headers pasted into this message

In Mulberry
You can forward a message without double clicking to open it in a new window. Highlight the e-mail in the message list of your inbox and follow the directions for your particular mail client:

  1. Select Message > Forward
  2. Select the option Include Headers in quote. Click the Forward button.
  3. Address the forwarded message to phishing@irs.gov

In Netscape/Mozilla/Thunderbird Mail

  1. Select View > Headers > All
  2. Select Message > Forward As > Inline
  3. Address the forwarded message to phishing@irs.gov

If you are using an alternative to these e-mail clients, please consult your provider for instructions on how to forward messages with Internet headers.

If the methods above do not work, at a minimum, please send the underlying link of the phishing Web site.

If the suspicious e-mail includes a file attachment, it is safer to simply highlight the message and forward it. Some configurations, especially in Windows environments, may allow the execution of arbitrary code upon opening and viewing a malicious e-mail message.

The IRS can use the information, URLs and links in the suspicious e-mails you forward to trace the hosting Web site and alert authorities to help shut down the fraudulent sites.

Main phishing resource page:
How to Report and Identify Phishing, E-mail Scams and Bogus IRS Web sites
 


Page Last Reviewed or Updated: June 09, 2008