How to report phishing scams to ProtonMail’s security team

Phishing scams are one of the most common ways for hackers to gain access to your online accounts or to plant malware on your device. By posing as a legitimate or trusted sender, an attacker tries to trick victims into clicking malicious links or downloading attachments. Please read our article about how to prevent phishing attacks to learn more.

If you receive a suspicious email, the most important thing is to NEVER click on links or download attachments. Simply mark the email as spam and report it to our security team.

How to report phishing to ProtonMail staff

ProtonMail encourages users to send suspected phishing emails to the ProtonMail security team. This allows our staff to analyze the email and improve our spam filters, thereby improving the safety of the entire ProtonMail community.

To report phishing in the web app (mail.protonmail.com):

1. Click on the “More” arrow button at the top right side of the phishing email and select “Report phishing” from the dropdown options.

2. A popup window will appear asking permission for ProtonMail to analyze the message and header. Click “Confirm” to send the message to our team.

To report phishing in the mobile app (Android or iOS):

1. With the phishing email open, tap on the “More” button at the top right side of the screen and select “Report phishing” from the dropdown options.

2. A popup window will appear asking permission for ProtonMail to analyze the message and header. Click “Send” to send the message to our team.

Post Comment

14 comments

  1. Anonymous

    There is no longer a tab available under “more” in my inbox, to be able to report phishing scams. Could you please tell us what to do?

  2. ProtonMail Support

    You need to click the More button in the message itself, next to Forward, not the one in the Inbox list. If you need further assistance, please contact our support team: https://protonmail.com/support-form.

  3. Suzanne Cerny

    I clicked on a link in this email. I was cleaning out my different categories in saved emails. I don’t know if I reported this to you when I received it. I clicked on the link “Confirm your account”. As it was slowly opening, I realized that I had made a mistake. I stopped the progress and now I am reporting this to you. I’ll go back to the list and click on the More button as you said to do, and report phishing.

    Content of message: Your account has been limited!

    Dear Customer,

    Your account has been limited until we hear from you.

    Why my account has been limited ?

    Possible unauthorised account access.
    Unresolved buyer disputes or credit card chargebacks.
    Violations of our User Agreement or Acceptable Use Policy.
    We Need Some information about you.
    Click the button below to Resolve your Account, please follow this link :

    Â Confirm Your Account

    Thanks,

    Copyright 1999-2018. All rights reserved.

  4. ProtonMail Support

    You may want to consider the instructions found at the following link as well: https://protonmail.com/blog/prevent-phishing-attacks/.

  5. CB

    I reported a phishing email to you that correctly ended up in spam. The email says they hacked my account and the email is lists my email address in the “from” and “to” headers, which they say proves they have access to my account. Is this true or just another way to trick people? Is there something I should do? Will I get a response from your phishing team?

    Thanks.

  6. ProtonMail Support

    Sounds like they spoofed your address and they’re using scare tactics. You won’t receive a reply to a phishing report, but our team does check the reports and takes appropriate action when needed.

  7. Nicolas rouillon

    I received an email apparrently from a hacker, the email appeared to he sent by myself to myself.

    It states that my email: [redacted] is hacked and it requests 1000 dollars in bitcoins

  8. ProtonMail Support

    Please see the article above for instructions on how to report this.

  9. Zicoyote

    I’m a hacker who goes after ransoming networks

    Please remove my email address

  10. ProtonMail Support

    Please contact our support team using the support form at https://protonmail.com/support-form.

  11. Werner nothnagel

    Fraudulent activity please stop the email adress urgently
    [hidden]@protonmail.com is a mail sent to client to obtain personal info under the false pretence of the company Direct Axis loans. They scam people using this mail adress please close this urgently to stop fraud. I have proof I can sent you as I was caught.

  12. ProtonMail Support

    Please contact our Abuse team: abuse(at)protonmail.com.

  13. Jason

    I am wandering if I have been hacked or have been a victim of phishing or spoofing
    what is the correct to che6 my Android for these scams. My phone doesn’t think for itself and apparently has a ghost. I have had Google mail accesss just disappear. I have had funds taken from suspicious phone numbes, contacts randomly appear. attached mailor-damen and shared contacs or apps within my device or through chrome, Google. I have been researching for 4 months but, to no avail. I also noticed someone using max security to follow with phone is there a way to block this suspicious activity. please I have keeped security logs, snapped numerous screen shots and used several different method s of security protocols. also my keyboard becomes sensitive and have error text going on I enjoyed the VPN here and will keep using. please contact or follow up

  14. ProtonMail Support

    If you have ProtonMail or ProtonVPN specific issues, you can contact our support team: https://protonmail.com/support-form or https://protonvpn.com/support-form.

Leave A Comment?