Phishing Reporter Customization

This document provides a detailed description of the Phishing Reporter product. You can understand the basic functions of the Phishing Reporter page and use the suspicious email reporter add-in by following this document.

You can access the Phishing Reporter and the menu of related options from the left sidebar of the platform dashboard.

What is the Phishing Reporter?

Phishing Reporter is an add-in that allows users to easily report a suspicious email to cyber security teams. Quick, comprehensive analysis and response can be provided when used in conjunction with the Incident Responder. Further details about the capabilities and requirements are available in this document.

This add-on is compatible with Outlook, Outlook Web Access, Outlook Desktop, Outlook Mobile, Office 365, and Google Workspace environments.

You can download and customize the reporter add-in from the platform interface, as well as see which users currently have the add-in installed.

How to Configure the Phishing Reporter?

Go to the Phishing Reporter page from the left sidebar menu of the dashboard and select Users > Settings.

Customization is available to four features:

1. Add-in Settings

2. Email Settings

3. Other Settings

4. Diagnostic Tool

Add-in Settings

You can easily customize any of the fields in the phishing reporter add-in's appearance and dialog settings. It also supports multiple languages, so you can tailor the add-in to various languages and deploy it to employees in their preferred language. To add a new language, simply click on the "+ Add New Language" button in the "Dialog Box Settings."

Click the Next button to go to the next page and save your changes in the first time customization. When the first customization is done, you can use the Save Changes button to save your changes or use Save and Download button to save your settings and download the add-in immediately.

Email Settings

You can configure the add-in to send a reported email to the SOC or IT team as an attachment in .msg or .eml formats using the "Send Information Email for Reported Incidents" option. You can customize the following settings:

Click the Next button to go to the next page and save your changes in the first time customization. When the first customization is done, you can use the Save Changes button to save your changes or use Save and Download button to save your settings and download the add-in immediately.

Other Settings

You can also customize additional settings.

Click the Next button to go to the next page and save your changes in the first time customization. When the first customization is done, you can use the Save Changes button to save your changes or use Save and Download button to save your settings and download the add-in immediately.

Diagnostic Tool

The Diagnostic Tool provides information about the status of the add-in by sending the statistics of the add-in to the platform regularly. The advanced level of awareness presented makes distribution and regulation of the add-in easier for system admins. For example, if the add-in has been disabled by a user or for any reason, the tool can be used to ensure automatic activation or report the situation to the platform for system admins to be aware of this case.

After completing the configuration steps and customizations, you can click the Save and Download button to download the add-in for your environment.

How to View Which Users Have the Phishing Reporter Add-In Installed?

The Phishing Reporter menu offers the option to view a list of users who have the add-in installed and its activation status.

Video Tutorial

This tutorial provides a detailed description of the Phishing Reporter product. You can understand the basic functions of the Phishing Reporter page and use the suspicious email reporter add-in by following this tutorial.

FAQ

Q: Is the Diagnostic Tool only available for the Outlook Desktop version of the add-on? Can it be used with Office 365 or Google workspace?

A: The Diagnostic Tool is designed specifically for the Outlook Desktop version. There is no need for the Diagnostic Tool for O365 and Google Workspace add-ins.

Q: I performed an update to the add-in. Do I need to uninstall the old version?

A: No. The new version of the add-in will update the old version.

Q: Do I need to update my existing Outlook, Office 365 or Google Workspace add-in if I change the content of the add-on on the platform?

A: You need to redistribute the current version of the add-in in order for any changes to be activated.

Q: When a user reports a suspicious email, can a backup of the reported email be forwarded to the SOC team?

A: Yes. please see more information on the ‘Email Settings’ page.

Q: Can I have a warning pop-up appear before the notification to prevent unintentional emails from being reported after clicking the add-in button?

A: Yes, you can enable the ‘Show confirmation message when reporting email’ option under the Add-in Settings page.

Q: Can I transfer the Phishing Reporter information to my own cybersecurity solutions or monitoring tools?

A: Yes. You can export all information related to Phishing Reporter via REST API using the API document.

Q: Does the add-in will prompt a "Delete" message after reports the phishing/training emails sent by the platform?

A: No, the add-in will first ask if you wish to report it and then will show a message that the admin is customized under the "Turn off email forwarding for reported Phishing Simulation emails" field. There won't be other prompts such as "Do you wish to delete the original email" after report emails sent by the platform.

Q: After the deployment of Phishing Reporter, how can I access it and use it on my OWA account?

A: Log in to your OWA email account and open an email. After that, on the right-hand side, click on the Apps button and click on the Phishing Reporter button to report the suspicious email.