InfoSec - How Do I Use the Phish Alert Button (PAB) for Microsoft 365?

Why Should I Use the PAB?

When you use the PAB to report suspicious emails, you can help keep your organization safe from security threats. The reported emails are sent to your organization for analysis, which will help keep your IT team informed about potential phishing emails that their employees receive. Once your IT team is aware of potential threats, they can help your organization stay safe from future attacks.

Using the PAB in Microsoft 365

If you use Microsoft 365, follow the steps below to report an email with the PAB:

  • Open the email that you would like to report.
  • Click the button at the top-right corner of the email.

Office 365 PAB

  • From the drop-down menu that opens, click Phish Alert.

  • In the prompt that opens, click Phish Alert again to report the email.

After you click Phish Alert again, a message will display. This message will tell you if the email you reported was a simulated phishing attack or if the email will need to be reviewed by your IT team. For an example of a message that you may receive if you successfully report a simulated phishing email, see the screenshot below:

Using the PAB in the Microsoft Outlook Mobile App for Android

If you use the Microsoft Outlook app for Android, follow the steps below to report an email:

  • Open the email that you would like to report.
  • Click the ... button at the top-right corner of the screen.

  • Click the Phish Alert icon.

  • In the prompt that opens, click Mobile Phish Alert to report the email.

  • After you click Mobile Phish Alert, a message will display that congratulates you for reporting the email. To close this message, click OK.

Using the PAB in the Microsoft Outlook Mobile App for Apple iOS

If you use the Microsoft Outlook app for Apple iOS, follow the steps below to report an email:

  • Open the email that you would like to report.
  • Click the button at the top-right corner of the screen.

  • Click the Phish Alert icon.

  • In the prompt that opens, click Phish Alert again to report the email.

  • After you click Phish Alert again, a message will display to congratulate you for reporting the email. To close this message, click OK.

GK 062922