Body
In order for us to investigate phishing emails, we need two pieces of information sent to
security@uic.edu. It's ok to send each piece of information in separate emails to us.
- A copy of the body of the message, including the URL of any links in the email message.
The easiest way to accomplish this is to start a new email to security@uic.edu and drag and drop the suspicious email into the new email so it becomes an attachment.
- A copy of the full message headers, as a text file attachment.
Nearly all modern email clients hide the message headers from view - Which is normally a good thing! However, when we need to find the headers, the email clients can make it quite difficult to find them. For instance, you'll usually have to use a computer for this step as most mobile devices don't let you see the message headers at all.
Here is another website with instructions for older versions of Outlook and other email clients not supported by Technology Solutions:
MX Toolbox:
How to Get Email Headers
* Note: We cannot use images for our analysis, we must have the actual text.
** Also Note: Occasionally Gmail will flag the headers as a problem and not allow you to send them. In this case, you can copy and paste the message headers into Notepad, save them as a text file and send that as an attachment.