Skip to main content

Microsoft Outlook Report a Phish Ribbon Button Add-in Installation Instructions

Melissa
  • Updated

Team: Huntress Managed Security Awareness Training (SAT)
Product: Phishing
Environment: SAT Portal
Summary: The Microsoft Report a Phish Button add-in can be used to allow Huntress Managed SAT phish emails to be sent directly to the SAT portal and recorded as a reported phish email.

This is currently in Open Beta. Try it out and share any feedback you may have with us! 

While this add-in doesn't support Blocking email addresses, you can still use our Forward Reported Phishing Attempts feature to send messages to another email address or directly to Microsoft at phish@office365[.]microsoft[.]com for non-Huntress-based phishing emails.  

 

The Microsoft Outlook Report a Phish Ribbon Button add-in provides users of Huntress Managed SAT with a method to report suspected phishing messages. Reporting simulated phishing emails originating from Huntress results in an immediate message congratulating the learner and a record in Huntress platform to include in reports. Messages that are not simulated phishing sent by Huntress are forwarded to the email address designated in the administrator portal.
 

Requirements
End User Experience
Integrated Ribbon Button Installation
Updating to a New Version
Removal / Reinstallation
 

Requirements

You must be using one of the following Microsoft Outlook options. 

New Outlook for Windows

Outlook on the web

You can also only use this option if you have licensed Microsoft 365 accounts

For all other Outlook options, including Classic Outlook, please see the Reading Task Pane Install option. 

 

End User Experience

Upon clicking the ribbon button, users will be prompted to confirm that they believe the email to be malicious in nature and phishing, rather than spam. Emails reported by this method will be deleted.

prompt.png

 

This will result in one of two follow up messages: 

Result 1: If the email is a simulated phishing email from Huntress, the user will be congratulated on their success and the reported phish will be logged.

success.png

Result 2: If the email is not a simulated phishing email from Huntress ,the user will receive a message stating the phish was reported, and the message was successfully reported as malicious. 

image (7).png


Integrated Ribbon Button Installation

  1. Log in to your administrator portal at mycurricula.com. If you are an MSP, choose the desired tenant (organization) you wish to add the integration to. 
     
  2. Access the Admin Settings page and navigate to Settings > Phishing.
     
  3. Locate the Report A Phish Button Add-in for Outlook section. Here you will find the latest install information for both Report a Phish add-ins

     
  4. Accept permissions required for the add-in by clicking the Accept Microsoft Permissions button - this will open a consent page in a new browser tab. Only a Microsoft 365 admin for your organization will be able to authorize consent. If consent is not authorized here, you will be required to authorize consent before users are able to use the add-in.
     
  5. A new tab will open for the Microsoft permissions request page.  Log in with your Microsoft 365 admin account. Review the required permissions and click Accept.

     
  6. On successful authorization, you will be redirected to the Authorization Complete page.

     
  7. Return to your Huntress Managed SAT Curricula admin portal Settings page. Click +View Details under Integrated Ribbon Button. This will show additional details regarding the add-in. 

     
  8. Click Download installation manifest to download the HuntressLabsRAPManifestRB.xml manifest file for manual installation.  This will generate an installation manifest unique to your organization. MSP channel partners must drill into individual customer organizations to download the correct manifest.

     
  9. Log in to your Microsoft 365 admin center and go to the Integrated Apps manager (Settings > Integrated Apps).  Click on the Add-ins link. Alternatively, you can access the Add-ins manager directly.
     
  10. Once in the Add-ins manager, click Deploy Add-in.
     
  11. A window for the Centralized Deployment service should now be displayed.  Review and click Next.
     
  12. Click on Upload custom apps.

     
  13. Choose I have the manifest file (.xml) on this device and click Choose File to select the HuntressLabsRAPManifestRB.xml file you downloaded. Click Upload to upload the manifest to be deployed.

     
  14. On the Configure add-in screen, choose which users can access the add-in button and the method you want to use to deploy the add-in. It is recommended to use the default Fixed method for deployment and to allow all users access to the add-in. Click Next.
     
  15. Review the add-in permissions and click Save.

     
  16. A screen confirming deployment of your add-in should display.  Please note that it can take up to 72 hours for the add-in to be completely deployed to your users. 

     
  17. Installation is now complete.  You may now Close the pop-up window or continue to the next screen to review additional tips for your deployment.

 

Updating to a New Version

New features for this add-in may require an updated manifest to be uploaded and deployed. New versions will be available for download on the Huntress Managed SAT admin portal as they are released.

  1. Log in to the Huntress Managed SAT admin portal and download the updated manifest file for the add-in you want to update.
  2. Log in to your Microsoft 365 admin center and go to the Add-ins manager page.
  3. Select the Report a Phish add-in to display a configuration window.
  4. Click Update add-in on the bottom right hand corner of the window.
  5. On the Update Report a Phish pop-up, select I have the manifest file (.xml) on this device and click Choose File.
  6. Select your new manifest file and click Update. Please note that updates may take up to 72 hours to be deployed to your users.
  7. You may be required to re-authorize permissions in order to use the update. This can be done on the Huntress Managed SAT admin portal Settings page.
     

Removal / Reinstallation

  1. Log in to your Microsoft 365 admin center and go to the Add-ins manager page.
  2. Select the Report a Phish add-in to display a configuration window.
  3. Click Remove add-in on the bottom right hand corner of the window.
  4. Click Remove on the confirmation pop-up.
  5. Confirm it has been removed by refreshing and double-checking the Add-ins page before attempting to re-install the XML manifest file.
  6. To re-install the manifest file, refer to the steps to reinstall in the Installation section.

Related articles