You may have recently installed the Phish Alert Button in your mail client. This article will explain how the tool works and how to use it to protect your organization from malicious phishing email.

What time should I use it?

If you suspect you have been sent a phishing or other potentially dangerous email, click the PAB. All emails that you report using PAB will be deleted from your inbox. Your organization will receive the emails you report for analysis.

You should not use the PAB to report malicious intent in emails. You should not report spam or marketing emails to the PAB. These emails can be deleted or added to a blocklist.

How do I use it?

After the PAB addon has been installed, you can see the PAB either in one of these two ways.

1) The PAB add in will be at the top right of Outlook.

This is how to report an email as spam:

  1. While the email is still open, click the Phish Alert link.
  2. You will be asked if you wish to report the email as spam. To report the email click Yes or click Not.

2) The PAB add in will be displayed as a clickable Phish alert tab within any email.

This is how to report an email as spam:

  1. To open a drop-down menu, click the Phish Alarm tab.
  2. You will be asked if you wish to report the email as spam. To report the email, click the Phish Alert link.

Why should I use it

Your organization will be safer if you report emails. Your organization will be able to see which phishing attempts have reached their employees’ inboxes by reporting the emails. They can then better protect themselves against potential vulnerabilities once they are aware. Your organization’s protection against cybercriminals is dependent on you. Take a moment to look around and think!

Allow the Report Message and Report Phishing addins

Outlook Web App (formerly Outlook Web App) allows users to report false positives (good emails marked as bad) and false negatives (bad emails allowed) to Microsoft and its associates for analysis.

These submissions are used by Microsoft to increase the effectiveness of email security technologies. Imagine that many people report messages to the Report Phishing add in. This information is available in the Security Dashboard as well as other reports. This information can be used by your security team to indicate that anti-phishing policies may need to change.

Either the Report Message add-in or Report Phishing can be installed. The Report Message addon can be deployed in your organization if you want users to report spam and phishing messages. You can find more information at Enable the Report Message Add-in.

You can report spam and phishing messages using the Report Message plugin. Administrators can activate the Report Message addon for their organization. Individual users can also install it.

You can report only phishing messages with the Report Phishing addin. Administrators can enable the Report Phishing plugin for their organization. Individual users can also install it.

Individual users can activate both add-ins.

You can enable Report Message and Report Phishing addins for global administrators and Exchange Online administrators who have Exchange configured to use OAuth authentication. Both add-ins can be accessed through Centralized Defletion.

What are the essential things you should know before you start?

  • The Report Message and Report Phishing addins work with all Microsoft 365 subscriptions.
    • Outlook on the Web
    • Outlook 2013 SP1 and later
    • Outlook 2016 for Mac
    • Outlook integrated with Microsoft 365 apps Enterprise
    • Outlook app for iOS & Android
  • These add-ins cannot be used for mailboxes that are shared or in Exchange on-premises organizations.
  • You can use your existing web browser to support both the Report Message or Report Phishing addons. If the add-in does not work or is not available, you can try another browser.
  • To enable OAuth authentication for organizational installs, the organization must be set up. For more information, please see How to determine if centralized deployment of add-ins is possible for your organization.
  • Global admins are required to be members. For more information, please see Permissions on the Microsoft 365 Defender portal.
  • For more information about how to report a message via the Report Message feature of Outlook , please see Report false negatives and positives in Outlook .
  • Organizations that have a URL filtering or security solution (such as Proxy and FireWall) in place will need to have ipagave.azurewebsites.net and outlook.office.com endpoints allowed to be reached on HTTPS protocol.

Get the Report Message addon

Get the Report Message add in for yourself

  1. Go to the Microsoft AppSource at https://appsource.microsoft.com/marketplace/apps and search for the Report Message add-in. To go directly to the Report Message add-in, go to https://appsource.microsoft.com/product/office/wa104381180.
  2. Click GET IT NOW.
  3. Review the privacy and terms of service in the dialog and click Continue.
  4. Register using either your school or work account (for business use), or your Microsoft account for personal use.

Once the add-in has been installed and activated,:

Get the Report Message add on for your company

  1. In the Microsoft 365 admin center, go to the Settings > Add-ins page at https://admin.microsoft.com/AdminPortal/Home#/Settings/AddIns. Go to Settings > Integrated Apps > Add-ins to see the Add in Page.
  2. Scroll to the top and select Deploy Addin. Next, choose Next.
  3. You will see the Deploy new add-in flyout. Review the information and click Next.
  4. Next, click Select from the Store.
    • Click in the Select page, then enter Report message and click search.
    • Find Report message in the list and click Add.
    • Review the licensing and privacy information in the dialog and click Continue.
    • The Configure add in page will appear. Here are the settings:
    • Assigned users – Select one of these values:
    • All (default).
  • Groups
  • Only me
  • Select one of these values for the deployment method .
  • Fixed (Default).: The addin is automatically installed to the users specified and cannot be removed.
  • The add-in can be installed at Home> Get addins Administration-managed
  • Optional The add-in will be automatically installed to the users specified, but they have the option to choose to delete it.
  • After you are done, click Deploy.
  • The Deployment Report Message page will display a progress report and a confirmation that your add-in has been deployed. After reading the information, click Next.

You can review or modify the settings of the Report Message add in

  1. In the Microsoft 365 admin center, go to the go to the Settings > Add-ins page at https://admin.microsoft.com/AdminPortal/Home#/Settings/AddIns. Go to Settings > Integrated Apps > Add-ins to see the Add in Page.
  1. Select the Report message add in.
  2. You can review and modify settings in the Edit report Message flyout. After you are done, click Save.

Get the Report Phishing Add-in

Get the Report Phishing add in for yourself

  1. Go to the Microsoft AppSource at https://appsource.microsoft.com/marketplace/apps and search for the Report Phishing add-in.
  2. Click GET IT NOW.
  3. Review the privacy and terms of service in the dialog and click Continue.
  4. Register using either your school or work account (for business use), or your Microsoft account for personal use.

Once the add-in has been installed, enable it

Edit or review the settings of the Report Phishing add in

  1. In the Microsoft 365 admin center, go to the go to the Settings > Add-ins page at https://admin.microsoft.com/AdminPortal/Home#/Settings/AddIns. Go to Settings > Integrated Apps > Add-ins to see the Add in Page.
  2. Select the Report Phishing add in.
  3. You can review the Edit report Phishing flyout and make any necessary adjustments to suit your company. After you are done, click Save.

RELATED ARTICLESMORE FROM AUTHOR

LEAVE A REPLY

Please enter your comment!
Please enter your name here