InfoSec - How Do I Use the Phish Alert Button (PAB) for Gmail (Including App)

Why Should I Use the PAB?

When you use the PAB to report suspicious emails, you can help keep your organization safe from security threats. The reported emails are sent to your organization for analysis, which will help keep your IT team informed about potential phishing emails that their employees receive. Once your IT team is aware of potential threats, they can help your organization stay safe from future attacks.

Using the PAB in Gmail

You can report the email right from your inbox if you can tell if it is a Phishing email from the title. Simply check the box near the email as you would to delete it.

Then select the PAB (Phish hook button) to the right of your screen to report it.

If the PAB is not showing up on the right as circled in the picture above. check for the > symbol at the bottom of your email screen (red arrowing pointing to it in photo). Hit this button to expand these options and show the PAB.

After you click Phish Alert again, a message will display. This message will tell you if the email you reported was a simulated phishing attack or if the email will need to be reviewed by your IT team.

Using the PAB in the Gmail Mobile App for Android or iPhone

If you use the Gmail app for Android or iPhone, follow the steps below to report an email:

You will need to open the email in question and you will be able to see the PAB at the bottom right hand corner of the email. (as circled in the screenshot below)

Once the Hooked Button is pressed you will be asked to confirm your selection. Hit the Phish alert button.

After you click Mobile Phish Alert, a message will display that congratulates you for reporting the email. To close this message, click OK.