Skip to main content
All CollectionsuPhishAllow users to report suspected phishing emails from their mailbox
Manually Submit Suspected Phishing Emails to Microsoft 365 Defender
Manually Submit Suspected Phishing Emails to Microsoft 365 Defender
Courtney Leacock avatar
Written by Courtney Leacock
Updated over a week ago

You can use the details in Phish Alert Report email notification to manually submit the suspected phish to Microsoft 365 Defender for analysis.

IMPORTANT NOTE: Emails over 30 days old cannot be submitted using the method below.

1. Open the Microsoft 365 Defender portal

Go to the Microsoft 365 Defender portal at https://security.microsoft.com

2. Go to the Submissions page

Select Investigation & response > Actions & submissions > Submissions from the menu on the left.

3. Complete the Submissions

Click Submit to Microsoft for analysis to open the form below:

  • Select Email from Select the submission type

  • Under Add the network message ID or upload the email file select Add the email network message ID

  • Enter the Network Message ID from your Phish Report Notification

  • Enter the recipient's email under Choose at least one recipient who had an issue

  • Select I've confirmed it's a threat under Why are you submitting this message to Microsoft?

  • Select Phish under Choose a category.

  • Click Submit to complete the process.

The email will be sent to Microsoft for review to improve the detection of phishing emails in Microsoft 365.

Did this answer your question?