Skip to main content

Microsoft Outlook Report a Phish Reading Task Pane Add-in Installation Instructions

Melissa
  • Updated

Team: Huntress Managed Security Awareness Training (SAT)
Product: Phishing
Environment: SAT Portal
Summary: The Microsoft Report a Phish Button add-in can be used to allow Huntress Managed SAT phish emails to be sent directly to the SAT portal and recorded as a reported phish email.

This is currently in Open Beta. Try it out and share any feedback you may have with us! 

While this add-in doesn't support Blocking email addresses, you can still use our Forward Reported Phishing Attempts feature to send messages to another email address or directly to Microsoft at phishg@office365[.]microsoft[.]com for non-Huntress-based phishing emails.  

 

The Microsoft Outlook Report a Phish Reading Task Pane add-in provides users of Huntress Managed SAT with a method to report suspected phishing messages. Reporting simulated phishing emails originating from Huntress results in an immediate message congratulating the learner and a record in Huntress platform to include in reports. Messages that are not simulated phishing sent by Huntress are forwarded to the email address designated in the administrator portal.

Requirements
End User Experience
Reading Task Pane Button Installation
Updating to a New Version
Removal / Reinstallation

Requirements

You must be using one of the following Microsoft Outlook options. 

Classic Outlook

New Outlook on Windows or macOS

Outlook on the web

Mobile Outlook (iOS, Android)

For New Outlook and Outlook on the web, you can also use our Ribbon Button install method. 

End User Experience

Upon clicking the reading task pane button, users will be prompted to confirm that they believe the email to be malicious in nature and phishing, rather than spam.

This will result in one of two follow up messages: 

Result 1: If the email is a simulated phishing email from Huntress, the user will be congratulated on their success and the reported phish will be logged.

In addition to the dialogue, task pane button users will also see a notification on the reported message.

Result 2: If the email is not a simulated phishing email from Huntress ,the user will receive a message stating the phish was reported, and the message was successfully reported as malicious. 

In addition to the dialog, task pane button users will also see a notification on the reported message.

 

Reading Task Pane Button Installation

  1. Log in to the Huntress Managed SAT administrator portal at mycurricula.com. If you are an MSP, choose the desired tenant (organization) you wish to add the integration to. 

  2. Access the Admin Settings page and navigate to Settings > Phishing.

  3. Locate the Report a Phish Button Add-in for Outlook section. Here you will find the install information for both Report a Phish add-ins. 

  4. Accept permissions required for the add-in by clicking the Accept Microsoft Permissions button - this will open a consent page in a new browser tab. Only a Microsoft 365 admin for your organization will be able to authorize consent.  If consent is not authorized here, you will be required to authorize consent before users are able to use the add-in.

  5. A new tab will open for the Microsoft permissions request page.  Log in with your Microsoft 365 admin account. Review the required permissions and click Accept.


  6. On successful authorization, you will be redirected to the Authorization Complete page.


  7. Return to your Huntress Managed SAT admin portal Settings page.  Click on + View Details in the Reading Pane Button section. This will show additional details regarding the add-in.


  8. Click Download installation manifest to download the HuntressLabsRAPManifestTPB.xml manifest file for manual installation.  This will generate an installation manifest unique to your organization. MSP channel partners will need to drill into individual customer organizations to download the correct manifest.
  1. Log in to your Microsoft 365 admin center and go to the Integrated Apps manager ( Settings > Integrated Apps ).  Click on the Add-ins link.  Alternatively, you can access the Add-ins manager directly.


  2. Once in the Add-ins manager, click Deploy Add-in.

  3. A window for the Centralized Deployment service should now be displayed.  Review and click Next.
  4. Click on Upload custom apps.



  1. Choose I have the manifest file (.xml) on this device and click Choose File to select the HuntressLabsRAPManifestTPB.xml file you downloaded.  Click Upload to upload the manifest to be deployed.


  2. On the Configure add-in screen, choose which users can access the add-in button and the method you want to use to deploy the add-in.  It is recommended to use the default Fixed method for deployment and to allow all users access to the add-in.  Click Next.
  1. Review the add-in permissions and click Save.
  1. A screen confirming deployment of your add-in should display.  Please note that it can take up to 72 hours for the add-in to be completely deployed to your users. 

  2. Installation is now complete.  You may now Close the pop-up window or continue to the next screen to review additional tips for your deployment.

Updating to a New Version

New features for this add-in may require an updated manifest to be uploaded and deployed. New versions will be available for download on the Huntress Managed SAT admin portal as they are released.

  1. Log in to the Huntress Managed SAT admin portal and download the updated manifest file for the add-in you want to update.
  2. Log in to your Microsoft 365 admin center and go to the Add-ins manager page.
  3. Select the Report a Phish add-in to display a configuration window.
  4. Click Update add-in on the bottom right hand corner of the window.
  5. On the Update Report a Phish pop-up, select I have the manifest file (.xml) on this device and click Choose File.
  6. Select your new manifest file and click Update. Please note that updates may take up to 72 hours to be deployed to your users.
  7. You may be required to re-authorize permissions in order to use the update. This can be done on the Huntress Managed SAT admin portal Settings page.

Removal / Reinstallation

  1. Log in to your Microsoft 365 admin center and go to the Add-ins manager page.
  2. Select the Report a Phish add-in to display a configuration window.
  3. Click Remove add-in on the bottom right hand corner of the window. 
  4. Click Remove on the confirmation pop-up.
  5. Confirm it has been removed by refreshing and double-checking the Add-ins page before attempting to re-install the XML manifest file.
  6. To re-install the manifest file, refer to the steps to reinstall in the Installation section.

Related articles