Once the Outlook Web Add-in is published via the O365 Admin console, users have access to the add-in within the Outlook web portal.

• The end user clicks the Report a Phish icon to report the currently selected email as a phishing email.

• Alternatively, the user can select the ellipsis (three dots) icon (highlighted below) and click the Report a Phish icon from there.

• The user is then prompted to confirm that they want to report the email as a phishing email. (The confirmation text may vary depending on setting.)

• Below is an example of a message that may appear if a user accidentally reports an email from their own company domain.

  • At this point, if the action was taken in error, the user can cancel.

• Finally, the user will see a confirmation message indicating that the email has been successfully reported.