In this article, you'll find answers to common problems and FAQs on the Phish Alert Button.
Is the add-in compatible with Outlook Desktop on Windows?
The Outlook Add-in works best with the latest Microsoft 365 version of Outlook using the Edge (Chromium) WebView2 runtime. The add-in does support older versions of Outlook using EdgeHTML or Internet Explorer 11 based WebViews. However older versions of Outlook may not support the Add-in's full feature set. For example, the MS Graph message data retrieval integration requires Microsoft 365 version 2008 or higher.
Please note that the web browsers a user has installed have no bearing on the WebView type used. This is because the WebView is a separate Windows component from the browser application. You can find more information on how Windows and Office version affect WebView type here.
I can’t download the manifest file
You need to save your phish alert button settings before you can download your XML manifest file. The download button will not be available until you do this. However if the download button is active and you cannot download the file, please contact our support team to help you resolve the issue.
Why so many icons?
We know it’s a bit of a pain, we understand no one likes icon uploads. Microsoft expects these icon sizes to be provided in order to cover how an add-in is presented across each version of Outlook. There are freely available tools to export icons at various sizes. We’ve used this one internally but it is aimed at mobile apps and it takes a little effort to find the right exported images within the download provided.
What email addresses should I provide under Forwarded Email Recipients?
It’s best practice to create an email address specifically for this purpose or similar existing security alerts in your organisation. You can always use your work email address if you wish but it’s best not to if you expect high volumes of reports. No one likes an inbox of doom first thing in the morning.
Do I need to enable Retrieve Message Data via the MS Graph API on Behalf of a User using SSO?
We recommend that you enable this setting if you are using the EML attachment feature. It provides a much better representation of the email and is a necessity if you want to see any attachments. However we understand that providing a 3rd party access to user mailbox data may not be ideal. You can rest assured that the access granted is temporary and we only use it to retrieve message data for the email reported. This feature is optional and you do not have to use it to receive report notifications. You can always revoke our service application’s permissions in Azure at any time. The phish alert reporting process is designed to handle this use case. However we would recommend updating your phish alert button settings to generate a new manifest for redeployment if you disable this feature.
I can’t upload my manifest file
Manifest files downloaded from the platform should work without any modifications. So if you have changed the file you could encounter validation issues. If you’re unsure of how to fix your manifest please contact our support team. You will need to provide any validation error messages you receive and potentially your manifest file so that we can test it.
If you are trying to update an existing deployment please make sure you are following the update instructions. If so updates validation can fail if the IDs don’t match or the version number has not been incremented. Please go into your phish alert settings, change the version number if necessary (e.g. 18.104.22.168 to 22.214.171.124), redownload your manifest and then try again.
I’ve completed the deployment process, where’s my add-in?
Microsoft states that add-in deployment can take upto 6 hours to reach all your users. However it can occasionally take longer, potentially as much as 24 hours. Please allow for deployment time before raising this issue with Microsoft.
Outlook on Desktop and Mobile need to be restarted for add-in deployments or updates to come through. Similarly OWA will need to be refreshed or even require you to log out and back in to see add-in changes.
If you previously sideloaded your deployed manifest you will need to remove the associated custom add-in from the M365 account in question. The 2 add-ins will conflict and the deployed version may not come through.
You should also review the deployment’s audience to check that the user has been included.
I updated my Phish Alert Button settings but my add-in hasn’t changed?
Changing the phish alert settings will not necessarily update the add-in immediately. You will need to deploy the update via M365 to see changes made on the Add-in configuration tab or if you have enabled or disabled the Submit Suspected Phishing Emails to Microsoft for Analysis and/or Retrieve Message Data via the MS Graph API on Behalf of a User using SSO options.
Please download an updated manifest file from the settings page and complete the update process. Remember to increment your version number before uploading the manifest file.
I’ve deployed an update but it’s not coming through, what should I do?
Unfortunately it isn’t clear from Microsoft’s documentation how long updates take to deploy across an M365 tenant. They are also subject to many of the issues noted under “I’ve completed the deployment process, where’s my add-in?”. If your update has not come through after several days please raise the issue with Microsoft.
In some cases you may need to remove and redeploy the add-in in order to update it. This should always be a last resort as the add-in may become unavailable to your users during the deployment time.
One of my colleagues says they have reported a simulation phishing email via the phish alert button, why can’t I see it?
You should be able to see which users have reported a phish simulation via the platform as well as totals at the simulation and organisation level. You may need to refresh/reload the page to see updated data. If you can’t see it after this, please contact our support team. Please note that we may need your colleague to reattempt reporting to diagnose any issues.
Phishing simulation test emails will not send a report back to the platform as per an actual simulation. However this add-in will act as such i.e. show the congratulatory message. If you wish to conduct an end to end test of the phish alert button please create a simulation limited to your test audience..