Once the Outlook Web Add-in is published via the O365 Admin console, users have access to the add-in within the Android MS Outlook App.
1. From within the email, the end user selects the 3 dots (highlighted below) to report it, and clicks the Phish Mail icon:
2. On first use, the user must authenticate to Azure AD (Standard O365 credentials):
3. User to confirm they are happy to report the email as a phishing email. (Text will differ depending on setting.) Below is a sample message that could be displayed if a user accidentally reported an email from their own company domain, at which point the customer can cancel - if clicked in error.
4. User prompted with confirmation message to confirm successful reporting of email:
