Forwarding Phishy Gmail Internet Headers
When you receive an email message that you suspect is malicious or a phishing attempt you could forward the message to firstname.lastname@example.org and include the message's Internet headers. Including the Internet headers will give us a much better chance in determining where the message really came from and if it is legit. Without including the Internet headers we have much less information to go on. Just forwarding the message itself does not include the necessary Internet headers. You could also use the "G Suite Message Header Analyser Tool" to help you determine if the message is legit.
Here's how to include the Internet Headers in a forwarded message to the NMU HelpDesk.
1. With the message open, in the upper right of the message click the "3 vertical dots" and select "Show Original". The Internet headers will be displayed in a new tab in the browser.
2. Click the "Copy to clipboard" button. A yellow "Copied to clipboard!" notification will show up at the top of the window. Close the "Original Message" tab in the web browser.
3. In the upper right of the message click the "3 vertical dots" and select "Forward" and "email@example.com" in the To: field to forward the message to firstname.lastname@example.org.
4. Put the cursor in the body of the message to be forwarded and use "Ctrl-V" to paste the headers from the clipboard into the body of the message.
5. Click "Send" to forward the message.