The Phriendly Phishing Phish Reporter provides a simple way for staff to report potential phishing and scam emails easily with one click.
- Easy to identify if the reported email is a Phriendly Phishing email sent to that user
- Provide a custom experience to reassure your staff they are correctly identifying phishing emails
- One-click to report the phishing email to an internal email address of your choosing (e.g. your service desk)
- Phish Report to track Phriendly Phishing simulated, safe emails and other reported phishing emails.
The system can be using a centralised deployment in the Microsoft Office 365 Admin Centre.
Installation and feature requirements
The client must be one of the supported hosts for Outlook add-ins.
The following clients support add-ins:
- Outlook 2016 or later on Windows
Outlook 2016 or later on Mac
Outlook on iOS
Outlook on Android
Outlook on the web for Exchange 2016 or later and Office 365
Outlook business: Office.com or Office365.com or Outlook.office.com
Note: The client must be connected to an Exchange server or Office 365 using a direct connection. When configuring the client, the user must choose an Exchange, Office 365, or Outlook.com account type. If the client is configured to connect with POP3 or IMAP, add-ins will not load.
If the user is connected to Office 365 or Outlook.com, mail server requirements are all taken care of already. However, for users connected to on-premises installations of Exchange Server, the following requirements apply.
The server must be Exchange 2013 or later.
Exchange Web Services (EWS) must be enabled and must be exposed to the Internet. Many add-ins require EWS to function properly.
The server must have a valid authentication certificate in order for the server to issue valid identity tokens. New installations of Exchange Server include a default authentication certificate. For more information, see Digital certificates and encryption in Exchange 2016 and Set-AuthConfig.
To access add-ins from AppSource, the client access servers must be able to communicate with AppSource.
How to install the Phish reporter (Office 365 version)
1. Go to the Phish Reporter tab located in the left-hand side of your dashboard
2. Now that you are in the Reporter Settings page, fill in the mandatory fields with your company details and select ‘Save Settings’.
3. Once you have filled in and saved your settings you will need to navigate to the O365 details at the bottom of the page. From here you can download the required manifest file, to do this click ‘Generate Manifest File'.
4. Navigate to your Microsoft Office 365 Admin Centre then from the sidebar, Settings > Integrated apps. Integrated apps - Microsoft 365 admin center
5. Click on 'Add-ins' from the selection at the top of the page.
6. Select Deploy Add-in
7. On the new Deploy New Add-in screen that appears click Next.
8. Select Upload custom apps.
9. Select Choose file and then browse to select the manifest file you previously downloaded in step 2.
10. Select Upload.
11. For testing purposes please assign specific users or test groups. Select Next.
Note: If you are using a group you must select a 'Microsoft 365' group. 'Distribution', 'Mail-enabled security(Distribution list)' or 'Security' groups will not register.
10. Select Save.
You will see that the add-in is installing.
11. A Your Add-in has been deployed’ message will appear. Click Next.
12. Click Close.
Note: The Phish reporter Outlook add-in could take up to 12 hours to display in users' Outlook Ribbon. - User may need to relaunch Office.
13. Once available we would recommend logging into the global admin account and reporting an email. The first time you report an email are required to log in and will be presented with the below screen.
The add-in will ask for permissions and if you are a global administrator will have the option to “Consent on behalf of your organization’. If you tick this and press accept your users will not see this prompt to accept the permission.
To view the entire user experience please view our O365 Phish Reporter User Guide.
For additional information on using Phish Reporter for O365, including the end user experience of logging into their O365 account, refer to our O365 Phish Reporter User Guide.