Once the Outlook Web Add-in is published via the O365 Admin console, users have access to the add-in within the Android MS Outlook App.

• From within the email, the end user selects the '3 dots/ellipsis' icon (highlighted below) to report it and clicks the 'Phish Mail' icon.

• On first use, the user must authenticate to Azure AD (standard O365 credentials).

• The user now needs to confirm they are happy to report the email as a phishing email. (The text will differ depending on setting.) 

Below is a sample message that could be displayed if a user accidentally reported an email from their own company domain.

• At this point, if it has been clicked in error, the customer can cancel.

• The user is then prompted with a confirmation message to confirm the successful reporting of the email.