First, let's distinguish between the two. Spam is unsolicited, bulk commercial email designed to promote goods and/or services that may or may not be legitimate. Phishing email, and variants such as spear phishing, are designed to acquire information (and sometimes, indirectly, money) such as usernames, passwords, and financial details by masquerading as a trustworthy entity. OIT has phishing samples here and additional information here.

When these messages make their way into your GT inbox, they should be reported according to the methods below. These messages should not be responded to and links within these messages should not be followed. After reporting, the messages can be safely deleted.

spam

From within the OWA client (mail.gatech.edu), mark the message as spam. This will help train the algorithms the flag spam.

phishing

These messages are more serious and may be difficult to identify. If you believe you've received a phishing message that hasn't recently been reported to the availability mailing list, please forward it immediately to helpdesk@cc.gatech.edu. If you're not on the availability mailing list, please sign up by following the instructions here.

Likewise, these messages should be forwarded *as attachments* to phishing@gatech.edu. OIT has guidance on how to forward a message as an attachment here.