Do not respond to the email. Contact the ITS Support Center to verify the legitimacy of the email. The Support Center will need a copy of the email in question. You can forward the email as an attachment to support@gmu.edu for review.

If you already know it is phishing, then you can report it to Microsoft and Ironport to strengthen their filters. You'll need to forward the email as an attachment to phish@office365.microsoft.com and phish@access.ironport.com.

Remember, Mason will never ask for your username/NetID and password in an email!