One of the broadest layers of defense against attacks by bad actors on Cornell's digital resources is the awareness and reporting of suspicious activity by the university’s students, faculty, staff, and alumni.

“Our customers have been great about forwarding us emails they think might be phishing,” said CIT senior security engineer Kyle Szuta. “Based on their observations, we’ve been able to mitigate many threats that had potential to do a lot of damage. For years, we wanted to make it easier for anyone to report messages they suspect are harmful, but lacked the correct tool until recently.”

The new solution, PhishAlarm, is an add-on button that will appear in Cornell Microsoft Outlook and Gmail email clients. Cornellians can use this button to send alerts to the IT Security team. Although the tool is simple for customers to use, it packs a punch in the amount of metrics it provides for the IT Security team to analyze.

Szuta said, “PhishAlarm allows us to streamline the way we identify which suspected threats are the most urgent, and we can also compare our data with the vendor’s collated real-time threat assessments to provide an automated ranking in terms of its likely level of danger.”

Following a successful pilot by CIT staff the IT Security team is implementing PhishAlarm for the rest of the CU community on March 11, 2024.

To use the new tool, select the suspicious message and then click on the PhishAlarm icon. Confirm your intent to report the message as phishing to forward the email to the ITSO, which also prompts a short Thank You pop-up message. At this point the suspicious messages can be deleted or for Outlook users, it will automatically be moved to your junk folder.

See the IT@Cornell website for details and more images that help pinpoint the location of the new PhishAlarm button in various email interfaces.