If your inbox is filling with phishing attempts, spoofed messages, and unwanted mail, knowing how to block suspicious emails in Outlook can reduce risk fast.
This guide shows the exact Outlook features that help you filter threats, report abuse, and keep legitimate mail flowing.
Why suspicious emails matter in Outlook
Suspicious emails are more than a nuisance.
They often try to steal Microsoft 365 credentials, deliver malware, or trick you into opening fake invoices, password reset requests, or urgent payment notices.
Outlook is part of the Microsoft ecosystem, so it benefits from layered protection such as Junk Email Filter rules, blocked senders lists, Microsoft Defender for Office 365, and phishing detection.
The key is knowing which control to use for which type of threat.
How to block suspicious emails in Outlook using built-in tools
Outlook gives you several ways to stop unwanted messages.
The right option depends on whether you want to block one sender, a whole domain, or repeated categories of spam.
Block a sender in Outlook
If a specific address is sending suspicious mail, block it directly.
- In Outlook on the web: open the message, select More actions, then choose Block or Block sender.
- In Outlook desktop: right-click the message, point to Junk, then select Block Sender.
This sends future mail from that address to Junk or Deleted Items, depending on your settings.
Block a domain in Outlook
Attackers often rotate individual email addresses but keep the same domain.
Blocking the domain can be more effective when the sender uses many variations.
- Go to Settings in Outlook on the web.
- Open Mail and then Junk email.
- Under Blocked senders and domains, add the domain, such as example.com.
This is useful for persistent spam campaigns, but use caution if the domain also sends legitimate messages.
Mark messages as Junk or Phishing
Reporting suspicious mail helps Outlook and Microsoft improve detection.
- Select the message.
- Choose Report message or Junk.
- If available, select Phishing for messages that impersonate trusted brands or request credentials.
Reporting is especially important for Microsoft 365 business accounts, where security teams may use the report to investigate wider attacks.
What settings should you review in Outlook?
Blocking one sender is only one layer.
Outlook’s filtering options can reduce future threats when configured correctly.
Check your Junk Email settings
The Junk Email Filter identifies low-quality or suspicious mail and sends it to the junk folder.
Review the filter level in desktop Outlook and make sure it is not set too leniently.
In Outlook on the web, the Junk Email settings let you manage:
- blocked senders and domains
- safe senders and domains
- automatic filtering behavior
Keep this list tight.
Adding too many safe senders can let unwanted messages slip through.
Use Safe Senders carefully
The Safe Senders list tells Outlook to trust messages from selected addresses or domains.
This is helpful for vendors, banks, or internal company systems that are mistakenly marked as spam.
Only add senders you truly trust.
If a sender has been spoofed before, adding it to Safe Senders can create more risk.
Turn on focused inbox or message filtering
Focused Inbox separates important mail from lower-priority mail.
It does not block threats by itself, but it helps you spot odd messages more quickly because suspicious mail often lands outside the Focused tab.
How to recognize suspicious emails before opening them
Even the best filter will not catch every threat.
A quick manual check can help you avoid phishing and business email compromise attacks.
- Sender mismatch: the display name looks familiar, but the actual address is unusual.
- Urgent tone: the message pressures you to act immediately.
- Unexpected attachments: especially HTML files, ZIP archives, or Office documents asking for macros.
- Suspicious links: hover before clicking to inspect the destination URL.
- Requests for credentials: legitimate organizations rarely ask for passwords by email.
Attackers commonly use brand impersonation, spoofing, and typo-squatted domains to look authentic.
A small spelling error in the domain can be a major clue.
How to block suspicious emails in Outlook for business accounts
If you use Microsoft 365 in a workplace, Outlook is only one part of the protection stack.
Administrators can strengthen email defense through Exchange Online and Microsoft Defender controls.
Use anti-phishing policies
Microsoft Defender for Office 365 includes anti-phishing policies that detect impersonation attempts involving executives, finance staff, and external partners.
These policies can be tuned to protect high-risk users and reduce lookalike account abuse.
Enable mail flow rules and tenant block lists
Administrators can create mail flow rules to block specific patterns, such as messages with dangerous attachments, external mail that pretends to be internal, or messages with suspicious URLs.
Tenant allow/block lists also help security teams block known malicious senders across the organization.
Train users to report suspicious messages
Human reporting is still one of the most valuable defenses.
Encourage employees to use the Report Message or Report Phishing button so security teams can investigate quickly and update filters.
What should you do after blocking a suspicious email?
Blocking the sender helps, but it does not remove all risk if you already interacted with the message.
- Do not reply: replying confirms your address is active.
- Delete the message: after reporting it, remove it from your inbox and deleted items if needed.
- Change your password: if you clicked a fake sign-in page, update your Microsoft account or work password immediately.
- Enable multi-factor authentication: MFA helps protect accounts even if credentials are exposed.
- Scan your device: if you opened an attachment or clicked a link, run Microsoft Defender or another trusted antivirus scan.
If the email appears to target your organization, notify IT or security teams right away so they can check for broader compromise.
How to reduce suspicious emails over time
Long-term inbox protection depends on consistent habits and strong account security.
- Keep Outlook and Microsoft 365 apps updated.
- Review blocked senders and safe senders every few months.
- Use a strong password and MFA on Microsoft accounts.
- Avoid publishing your primary email address publicly when possible.
- Use aliases or separate addresses for shopping, subscriptions, and work.
- Watch for spoofed notifications from Microsoft, PayPal, banks, and delivery services.
These steps reduce exposure and make phishing attempts easier to spot.
Common Outlook features that help with email security
Several Outlook and Microsoft tools work together to improve email safety.
- Junk Email Filter: identifies probable spam and low-trust mail.
- Blocked Senders list: prevents mail from specific addresses or domains.
- Safe Senders list: allows trusted mail through.
- Report Message and Report Phishing: supports threat reporting.
- Microsoft Defender for Office 365: adds anti-phishing and threat protection for business environments.
- Multi-factor authentication: protects the account even if a message succeeds.
Used together, these features create a layered defense that is much stronger than relying on a single spam filter.
When should you escalate a suspicious email?
Escalate any email that asks for login credentials, payment changes, gift cards, wire transfers, or confidential data.
Also escalate messages that impersonate executives, contain malware-like attachments, or claim urgent account action is required.
If a suspicious message appears to come from your organization, your bank, or a major cloud service, treat it as a potential phishing attempt until verified through a separate trusted channel.