Once the Outlook Web Add-in is published via the O365 Admin console, users have access to the add-in within the iOS MS Outlook App.

• From within the email itself, the end user selects the '3 dots/ellipsis' icon (highlighted below) to report this particular email as a phishing email and clicks the 'Phish Mail' icon.

• On first use, the user must authenticate to Azure AD (standard O365 credentials).

• The user now needs to confirm that they are happy to report the email as a phishing email. (The text will differ depending on setting.)
• Below is a sample message that could be displayed if a user accidentally reported an email from their own company domain.
• At this point, if it has been clicked in error, the customer can cancel.

• The user is then prompted with a confirmation message to confirm the successful reporting of the email.