Skip to main content
Submit phishing emails to Microsoft for analysis

Learn how to submit user-reported phishing emails to Microsoft for analysis from Microsoft Defender.

Anna Cunningham avatar
Written by Anna Cunningham
Updated over 3 months ago

Submitting a phishing email to Microsoft for analysis serves as an additional security measure, as it helps improve Microsoft’s email protection and analyses all data associated with the submission, including the message content, headers and any attachments.

In this article you will learn:


How to submit a phishing email that a user has reported to Microsoft for analysis from Microsoft Defender

Once you have set up the Phish Alert Button and integrated it with Microsoft Defender, whenever a user reports a suspected phishing email using the Phish Alert Button in Outlook, the email will be sent to Microsoft Defender where it can be managed and submitted to Microsoft for analysis.

1. To submit an email to Microsoft for analysis, open the Microsoft Defender portal and navigate to the Submissions page on the left side menu panel by going to Investigation & response > Actions & submissions > Submissions.

You can access the Submissions page directly here: https://security.microsoft.com/reportsubmission

2. Click on the User reported tab to view the list of messages that have been reported by the users using the Phish Alert Button.

3. Select the message you want to submit for analysis and click on the option Submit to Microsoft for analysis.

4. Select the option Report phishing from the dropdown menu to complete the submission process.

5. The emails that have been submitted to Microsoft for analysis from the User reported tab will appear in the Emails tab. This is also where you can manually submit phishing emails to Microsoft for analysis if the Phish Alert Button hasn’t been integrated with Microsoft Defender.


Next steps

Did this answer your question?