How to Get the Report Phishing Extension for Office 365

The following article describes the report Phishing button installation process for Office 365.

When a Phishing Campaign is underway and users start receiving phishing emails, they have several choices: they can either open, inspect, and ignore the email, click a link, provide their credentials, and fall for the phishing attempt, or report the suspicious email.

Report Phishing Extension is a special button that appears on the email message taskbar in the right top corner. This allows users to easily report suspicious emails and helps organizations assess the effectiveness of their anti-phishing training. It also provides valuable feedback on areas where additional training may be needed.

To proceed with getting the extension, please navigate to the phishing menu in your admin console, and press on the "Extensions" menu: image-png-Jan-24-2024-02-17-32-3185-PM

Insert the email address to which the reported emails will be forwarded into the "Report To Email" field and press save afterward:image-png-Jan-24-2024-02-20-53-9551-PM
We recommend creating a direct email (or group), for that. Example: incident-response-team@yourdomain.com, reportedemail@yourdomain.com, etc.
Once the email is saved, you can use the manual according to the platform you are on.

Installing the extension:

As an Admin, navigate to the Microsoft AppSource page and look for the extension via the top search bar.
Once on the page, press Get it Now.


You will be forwarded to the Microsoft 365 Admin Center, Integrated Apps section. (requires admin login)
Once there you will be presented with an option to deploy the app, select the desired user(s)/groups to whom the app should be deployed, and press next.

Next, accept the app permissions and proceed further:

Once done, proceed to finish deployment:

Once the app is deployed, you should see the Wizer extension icon when you open up emails
image-png-Jan-24-2024-03-15-05-7909-PM
The following will be shown once you open the extension and an email is selected:
image-png-Feb-28-2024-12-58-00-5516-PM

The extension will show up with a hook logo in the web version of Outlook as in the screenshot above, yet if you don't see it due to the number of extensions used, you can pin it.

The phishing report button is available for the desktop version of Outlook. One of the steps of add-in installation in the Outlook Admin panel is a selection of who should have it installed: All Users / Groups / Specific Users. 


To do so, select a message press more actions, and select Customize actions:
image-png-Jan-24-2024-03-17-28-0649-PM


In the Customize actions make sure the Report Phishing extension from the Wizer checkbox is selected, press save.
image-png-Jan-24-2024-03-18-30-6780-PM


Once the above steps are done, you should be all set.


In case you already had our extension installed


As we constantly work towards improving our product, new extension versions will be released that might include new or changed functionality.
Since the app is not updated automatically for users, as an admin you can navigate to the integrated apps and approve the update:
While selecting the app from the list the below window should inform about pending updates to the extension and provide you with an option to install them:
image-png-Feb-28-2024-01-06-28-9956-PM

The update window will provide a summary regarding the update as shown below:
image (1)-png-3

Once you install the updates the latest app version will be deployed to your organization or users (depending on the deployment type you chose initially).

Users Interactions with Extension

When a Wizer user reports a Wizer simulation phishing email (clicks the phishing extension hook), the following happens:

  1. The user gets a congratulatory message "Well done! It was a simulation phishing email".

  2. The email will not be forwarded to the 'Report To' email address.

  3. The selected action will be applied to the email as it is set up in the Report Email Handling Settings.

  4. Admin will see the 'Reported' status in the phishing campaign report that the user reported this email.

When a Wizer user reports a non-Wizer simulation phishing email (clicks the phishing extension hook), the following happens:

  1. The user gets a congratulatory message "Thank you for doing your part to keep our organization safe".

  2. The email will be forwarded to the 'Report To' email address.

  3. The selected action will be applied to the email as it is set up in the Report Email Handling Settings.

When a non-Wizer user reports any email (clicks the phishing extension hook), the following happens:

  1. The extension will not react to clicks.

  2. The email will not be forwarded to the 'Report To' email address.

Frequently Asked Questions

I cannot follow all the steps in the instructions.  Some options are not available. Why?

  1. Permission issue: the admin is not allowed to upload custom apps/custom Outlook apps. Please check the user's permissions.

  2. The Settings on your organization's environment: the ability to upload custom apps besides teams is disabled, etc.

  3. Please check and adjust the configurations and permissions on your side.

 

 

Any questions? Please, contact our Support Team by emailing us at support@wizer-training.com.

Best regards,

wizer_logo_dark