Before deploying the button, we recommend customizing it. This can be done in the Add-In Settings tab under the Phishing Reporter menu on the Keepnet platform.
Once customization is complete, stay on the Settings tab. Scroll down to the bottom and click Manage and Download. A pop-up will appear—select Connect Account to proceed.
Log in to your Microsoft 365 account using your global admin credentials.
Once you log in, the Permissions requested pop-up window will display. Read the permissions, then click Accept.
The Microsoft Page View Phishing Reporter requires specific Microsoft Graph API permissions to function effectively within an organization’s Microsoft 365 environment. These permissions allow the application to interact with users’ emails, retrieve necessary details for reporting phishing attempts, and ensure smooth integration with the email infrastructure.
Below is a breakdown of the permissions required and their purpose:
1. Mail Permissions
Mail.Read: Allows the Phishing Reporter to read the user’s email to retrieve necessary email details such as headers, attachments, and content.
Mail.Read.Shared: Extends read access to shared mailboxes, ensuring that the application can retrieve phishing emails reported from shared accounts.
Mail.ReadWrite: Provides both read and write access to the user’s mailbox, enabling modifications or tagging of emails as needed.
Mail.ReadWrite.Shared: Extends read and write permissions to shared mailboxes for better handling of phishing reports.
Mail.Send: Enables the application to send emails, which may be necessary when forwarding reported phishing emails.
Mail.Send.Shared: Allows the application to send emails from shared mailboxes when the user has the appropriate permissions.
2. User Profile Permissions
profile: Allows the Microsoft Page View Phishing Reporter to retrieve basic user profile information, ensuring accurate reporting and tracking.
Once you accept the permissions, the GRAPH Authorization Successful window will display.
Click the Download button for the Page View button under the Microsoft 365 to download the Microsoft365PhishingReporterAddin.xml file.
Log in to Microsoft 365 Admin Center and go to Add-ins.
Select Deploy Add-in and click Next.
Under Deploy a custom add-in, click Download custom apps.
Select I have the manifesto.xml file.
Click Upload.
Assign the users who will have access to the add-in. We recommend selecting Everyone so the add-in will be installed on every user under the Microsoft 365 tenant.
Select Deployment Method. We recommend selecting Fixed which is the default option.
Click Deploy.
You will receive an email notification confirming your successful deployment. It may take up to 24 hours for the add-in to be displayed on the users' email applications. Users may need to relaunch email applications.
✅ You have now deployed the Phishing Reporter.
Next step is to Setup Incident Responder (only for customers who have purchased the Incident Responder or xHRM package)
Last updated
