The following article describes the report Phishing button installation process for Office 365.
When a Phishing Campaign is underway and users start receiving phishing emails, they have several choices: they can either open, inspect, and ignore the email, click a link, provide their credentials, and fall for the phishing attempt, or report the suspicious email.
Report Phishing Extension is a special button that appears on the email message taskbar in the right top corner. This allows users to easily report suspicious emails and helps organizations assess the effectiveness of their anti-phishing training. It also provides valuable feedback on areas where additional training may be needed.
To proceed with getting the extension, please navigate to the phishing menu in your admin console, and press on the "Extensions" menu:
Insert the email address to which the reported emails will be forwarded into the "Report To Email" field and press save afterward:
We recommend creating a direct email (or group), for that. Example: incident-response-team@yourdomain.com, reportedemail@yourdomain.com, etc.
Once the email is saved, you can use the manual according to the platform you are on.
Installing the extension:
As an Admin, navigate to the Microsoft AppSource page and look for the extension via the top search bar.
Once on the page, press Get it Now.
You will be forwarded to the Microsoft 365 Admin Center, Integrated Apps section. (requires admin login)
Once there you will be presented with an option to deploy the app, select the desired user(s)/groups to whom the app should be deployed, and press next.
Next, accept the app permissions and proceed further:
Once done, proceed to finish deployment:
Once the app is deployed, you should see the Wizer extension icon when you open up emails
The following will be shown once you open the extension and an email is selected:
The extension will show up with a hook logo in the web version of Outlook as in the screenshot above, yet if you don't see it due to the number of extensions used, you can pin it.
The extension is not available for mobile devices or iPads.
To do so, select a message, press More actions, and select Customize actions:
In the Customize actions make sure the Report Phishing extension from the Wizer checkbox is selected, press save.
Once the above steps are done, you should be all set.
In case you already had our extension installed
As we constantly work towards improving our product, new extension versions will be released that might include new or changed functionality.
Since the app is not updated automatically for users, as an admin you can navigate to the integrated apps and approve the update:
While selecting the app from the list the below window should inform about pending updates to the extension and provide you with an option to install them:
The update window will provide a summary regarding the update as shown below:
Once you install the updates the latest app version will be deployed to your organization or users (depending on the deployment type you chose initially).
Users Interactions with Extension
When a Wizer user reports a Wizer simulation phishing email (clicks the phishing extension hook), the following happens:
-
The user gets a congratulatory message "Well done! It was a simulation phishing email".
-
The email will not be forwarded to the 'Report To' email address.
-
The selected action will be applied to the email as it is set up in the Report Email Handling Settings.
-
Admin will see the 'Reported' status in the phishing campaign report that the user reported this email.
When a Wizer user reports a non-Wizer simulation phishing email (clicks the phishing extension hook), the following happens:
-
The user gets a congratulatory message "Thank you for doing your part to keep our organization safe".
-
The email will be forwarded to the 'Report To' email address.
-
The selected action will be applied to the email as it is set up in the Report Email Handling Settings.
When a non-Wizer user reports any email (clicks the phishing extension hook), the following happens:
-
The extension will not react to clicks.
-
The email will not be forwarded to the 'Report To' email address.
Frequently Asked Questions
I cannot follow all the steps in the instructions. Some options are not available. Why?
-
Permission issue: The admin is not allowed to upload custom apps/custom Outlook apps. Please check the user's permissions.
-
The Settings on your organization's environment: the ability to upload custom apps besides Teams is disabled, etc.
-
Please check and adjust the configurations and permissions on your side.
The phishing button is not visible. Do you know how I can fix it?
For the phishing button to be visible, please do the following:
-
Pin the extension if you don't see it due to the number of extensions used.
-
Update the extension by using the guide.
-
Reinstall the extension - How to Get the Report Phishing Extension for Office 365.
On the first use of the Report Phishing button, administrators will see a permission request prompt:
If a regular user (with no admin privileges) attempts to report an email before the permissions are approved, they can send a request to their administrator:
Until an admin grants the necessary permissions, the “Report Phishing” button will remain unavailable for all users.
Please validate this behavior on your end after approving the permission request. Once the approval is in place, let us know if the extension operates as intended. Please let us know if you have any questions.
The Report Phishing button is not supported for Outlook 2019 as Microsoft deprecated an old API, and modern Microsoft Graph API auth methods do not work out of the box in old Outlook.. We updated the UI, so it should display “your version of Outlook is not supported”. We are working on a solution, however, no ETA can be provided currently.
Report Phishing Button Checklist
Ensure you’re using a supported version of Outlook:
- Outlook 2013 or later (Windows)
- Outlook 2016 or later (Mac)
- Outlook on the Web (OWA)
To rule out session issues, try clearing browser cookies or opening the add-in page in an Incognito/Private tab.
If you’re on a Microsoft 365 Business or Enterprise tenant, installation might be blocked by an admin policy:
- Open Microsoft 365 Admin Center
- Navigate to Settings → Org Settings → Services → User-owned apps and services
- Ensure that users are allowed to install Office Store add-ins
- Integrated Apps section to approve the add-in for your organization.
Sometimes local Outlook clients fail, but OWA works. Click the “Open in Outlook Web” button from the error screen and test if the add-in loads there.
Press
F12
→ Go to the Console tab to check if any CSP, CORS, or API errors are blocking the install.If you’re under a CSP (Cloud Solution Provider) or in a heavily restricted corporate tenant:
- Ask your IT admin to review Office Add-ins policies and Microsoft Defender settings, especially if phishing add-ins are whitelisted/blocked.
Any questions? Please, contact our Support Team by emailing us at support@wizer-training.com.