In this article, you'll learn how to set up the Phish Alert Button.

1. Find the Phish Alert Settings Page

You can find the Phish Alert Settings Page under uPhish -> Phish Alert Button in the top menu bar within the usecure app.

2. Enable the Phish Alert Button

Toggle the Enable Phish Alert Button option ON.

3. Configure the settings in the Add-in Configuration tab

You will need to populate all the fields in the Add-in Configuration tab, and you can use the Reset button to apply default values.

  • Add-in Display Name

  • Add-in Version Number

    • This can initially be left at 1.0.0.0. It should only be changed when updating the Phish Alert Button once installed to M365

  • Action Label

  • Group Label

  • Provider Name

  • Icons for 64x64, 16x16, 25x25, 32x32, 48x48, 80x80, 128x128

    • These are used to white-label the Phish Alert Button

    • The image dimensions are strict and will not allow uploads of images that are the wrong size

After you have finished configuring your settings in the Add-in Configuration tab, save your settings using the Save button.

4. Configure the settings in the Forwarding & Submissions tab

You will need to select what happens when a user reports a suspected phishing email outside of a simulation in the Forwarding & Submissions tab. You can choose one or both options.

5. (Optional) Enable Submit Suspected Phishing Email to Microsoft for Analysis

Toggle this option ON to submit reported emails to Microsoft's anti-phishing team. This allows you to replace Outlook's phishing reporting features.

NOTE: This feature does not work on Outlook Mobile as it does not currently support SSO Authentication.

  • Submissions can be viewed in the M365 security portal

  • You will need to authorise an M365 SSO Service Application to report suspected emails on the user's behalf

6. (Optional) Enable Forward Suspected Phishing Emails

Toggle this option ON to receive email notifications to a desired email address whenever a user reports a suspected phishing email outside of a simulation. You will then need to populate the fields under this setting.

  • Forwarded Email Recipients

    • Add any email addresses you wish to notify of suspected phishing emails

  • Forwarded Email Subject

    • Text you enter here will be used as the subject line of the notification emails.

    • Use the provided Tokens to make the subject line more informative.

  • Forwarded Email Sender Name

    • Enter the desired name to be used as the sender of the email notification

  • Forwarded Email Sender Address

    • Email address the notification is sent from

    • This will use your account's preferred domain

  • Include Suspected Email as EML file attachment

    • Toggling this on will include a reproduction of the suspected email as an EML attachment

    • You will also need to enable and authorise a message data retrieval method for this feature to work

  • Include Suspected Email's Attachments in EML File

    • Toggling this on will add the suspected email's attachments to the reproduced EML file

    • Any inline images will only be displayed in the EML file if this feature is enabled

  • Retrieve Message Data via the MS Graph API on Behalf of a User using SSO

    • Enabling this will produce a much closer reproduction of the original email in the EML attachment

    • When this feature is enabled, you will be asked to authorise an M365 SSO Service Application during the Phish Alert Button installation This will allow the add-in to retrieve message data from the reporting user's mailbox

    • If you have previously installed the Phish Alert Button and enable this feature at a later date, you will need to update your manifest file in M365

    • This feature will not work on Outlook Mobile as it does not currently support SSO authentication

Once you have finished configuring the Forwarding & Submissions tab, save your changes by clicking the Save button.

7. Authorise the M365 SSO Service Application

NOTE: You will only need and be able to view and configure this tab if you enabled Submit Suspected Phishing Emails to Microsoft for Analysis or Retrieve Message Data via the MS Graph API on Behalf of a User using SSO)

In the Microsoft 365 Authentication tab you will be able to authorise your SSO Service Application. Click the Sign in with Microsoft button. If you can't see the button, please save your changes on the previous tabs.

  • When you click the sign in with Microsoft button, a new tab will open where you will be prompted to select or log-in to a Microsoft account

  • This account needs to be an administrator-level account for the M365 tenant you wish to provide authentication for

  • You will be prompted to accept the permissions requested by the service application

  • Upon a successful authorisation you will be redirected to the app and presented with a success screen. You can now close this tab

8. Download your add-in manifest XML

You will now need to go back to the Add-in Configuration tab on the Phish Alert Settings page. Use the Download Add-in Manifest XML button in the Outlook Add-in Manifest panel to save a manifest XML file that you'll need to install the phish alert add-in in Outlook.

Next steps

Did this answer your question?