Report abuse
Received spam, phishing or threats from an address ending in
@scrooglemail.com, or from a domain that sends through us? We want to
know. Our anti-abuse desk is staffed by people, reads every report, and takes
genuine action against accounts that break our
acceptable use policy.
What we need from you
- The full message headers (see below). Headers are the routing record of an email - without them we often cannot prove the message really came through our systems, because sender addresses are trivially forged.
- The message itself, ideally forwarded as an attachment rather than inline, so nothing gets rewritten on the way.
- A sentence or two of context: what happened, when, and whether it is ongoing.
- An address we can reply to, if you want to hear the outcome. Anonymous reports are accepted and investigated too.
How to find the full headers
Every mail client can show them; the menu wording just varies.
- Gmail: open the message, click the three-dot menu, choose
Show original, then copy everything on that page. - Outlook (web): three-dot menu on the message, then
View>View message source. - Apple Mail:
View>Message>All Headers(orRaw Source). - Scroogle Mail: open the message, three-dot menu,
View headers. - Anything else: search your client's help for "view message source" or "show original".
The result looks like a wall of lines starting with things like
Received:, From: and DKIM-Signature:. Do not
worry about reading it - just paste the whole lot in. The Received:
chain is what lets us match the message to a sending account in our own logs.
What happens next
We aim to acknowledge every report within one working day (Swiss business hours, CET/CEST), and to complete an initial investigation within three working days. Active phishing and malware are triaged ahead of everything else, usually within hours. If your report leads to enforcement action, we will tell you that action was taken - though not the details of the account concerned, for the same privacy reasons we would never discuss your account with a stranger.
What we can and cannot do
Honesty matters here, because our zero-access design cuts both ways.
We can
- Match a reported message to the sending account using headers and our delivery metadata
- Warn, suspend or terminate that account under the acceptable use policy
- Block sending patterns, throttle volume and bin outbound queues mid-incident
- Cooperate with Swiss authorities where valid Swiss legal process requires it
We cannot
- Read anyone's mailbox - stored mail is encrypted with keys we do not hold
- Proactively scan message content for abuse before it is reported
- Tell you who is behind an account, beyond what a court orders
- Act on messages that merely forge a Scroogle Mail sender address but never touched our systems - though report them anyway, as we track spoofing campaigns
What we can see - sending volume, complaint rates, authentication results - turns out to be plenty for catching abusers. Spam looks like spam from the outside.
Or use this form
If forwarding an email is awkward, paste the details here instead. It sends the same information to the same desk.
Other routes
- Security vulnerabilities in Scroogle Mail itself belong with security@scrooglemail.com, not the abuse desk - see the security page for our PGP key.
- Account or billing problems go to support@scrooglemail.com or the contact page.
- Urgent threats to life should always go to your local police first. We cooperate with Swiss authorities through the proper legal channels described in our privacy policy.