Hybrid PAB

Share

Is this article helpful?

Last updated:

Hybrid Phish Alert Button (PAB) Product Manual

The Hybrid Phish Alert Button (PAB) for Microsoft 365 and Microsoft Exchange allows your users to easily report suspicious emails and help protect your organization from cyberattacks. When your users click the PAB to report an email, they can provide your IT team with an early warning about potential threats.

Tip: If you use the phishing feature in our KnowBe4 console, the Hybrid PAB will also track if your users report our simulated phishing emails. You can use this feature to see which users successfully identify potential threats.

The Hybrid PAB detects your users’ mail clients and automatically configures the best version of the PAB for each user. To learn how to install the Hybrid PAB and how your users can use the PAB in their mail clients, see the sections below.

Prerequisites and Limitations

Before you can install the Hybrid PAB for your organization, your organization will need to have one of the following mail servers:

  • Microsoft Exchange Subscription Edition
  • Microsoft 365
  • Microsoft Outlook 2021 or later for Mac

If you have a proxy server, a connection to the following is needed to bypass the proxy server or proxy authentication:

  • outlook.office365.com
  • outlook.office.com
  • us.pab.knowbe4.com, eu.pab.knowbe4.com, or ca.pab.knowbe4.com

The domain used will depend on where your KnowBe4 account is located.

You will also need to enable and configure the PAB from your KnowBe4 console Account Settings before following the steps in this article. To learn how to enable and configure the PAB in your KnowBe4 account, see the Enable PAB section of our Phish Alert Button (PAB) Product Manual.

Installing the Hybrid PAB for Microsoft 365

To install the Hybrid PAB in Microsoft 365, follow the steps below:

Accepting Required Permissions

Before installing the Hybrid PAB for Microsoft 365, follow the steps below:

  1. Log in to your KSAT console.
  2. Select your email address in the top-right corner of the page, and select Account Settings.
  3. Navigate to Account Integrations > Phish Alert.
  4. Select the Enable Phish Alert check box.
  5. From the Select PAB Version drop-down menu, select Hybrid PAB.

  6. Select Accept Microsoft Permissions to Authorize GRAPH APIs for the PAB. You will be redirected to the Microsoft 365 login page.

  7. Log in to your Microsoft 365 account using your admin credentials.

  8. Once you log in, the Permissions requested pop-up window will display. Read the permissions, then select Accept.

  9. Once you accept the permissions, the GRAPH Authorization Successful window will display. Select Back to PAB Configuration to return to the Phish Alert settings.

  10. Select Authorize NAA-SSO for GRAPH APIs and repeat steps 6 through 9.

Installing the Hybrid PAB for Microsoft 365

Follow the steps below to install the Hybrid PAB for Microsoft 365:

  1. Select the download icon next to the PAB manifest for Microsoft products option to download the PhishAlertManifest.xml file.

    Note:Each Phish Alert Button (PAB) XML manifest file is unique to the KSAT console based on where it's downloaded. So, if you manage multiple KSAT consoles, you'll need to download and install the correct manifest file for each console separately.
  2. In a new tab of your browser, log in to your Microsoft 365 admin center.
  3. From the menu on the left side of the page, select Settings.

  4. From the Settings drop-down menu, select Integrated apps.

  5. Select Add-ins at the top-right corner of the page. The Add-ins page will open.

  6. On the Add-ins screen, select Deploy Add-In. The Deploy a new add-in pop-up window will open.

  7. In the pop-up window, select Next.

  8. Select Upload custom apps.

  9. Select the I have the manifest file (.xml) on this device option. Then, select Choose File and select the PhishAlertManifest.xml file.

  10. Select Upload to install the PAB. The Configure add-in pop-up window will open.

  11. From the pop-up window, select which users will have access to the PAB and which method you would like to use to deploy the PAB.

    Important:We recommend allowing all users to access the PAB and using the Fixed deployment method.

  12. Select Next, and additional app permissions will display.

  13. Once you have read the permissions, select Save. The Deploy Phish Alert pop-up window will open.

  14. Once the pop-up window displays a confirmation that the add-in has successfully deployed, select Next. The Announce add-in pop-up window will open and display a message about Microsoft’s announcement recommendations.

    Note:After you install and deploy the PAB, you might receive an email from your mail service provider that contains information you can use to help you announce the PAB add-in to your users. KnowBe4 does not send the email about the PAB's intended usage and benefits.

  15. Select Close.

Installing the PAB in the Microsoft Exchange Admin Center

To install the PAB in the Microsoft Exchange Admin Center, follow the steps below:

Accepting Required Permissions

Before installing the Hybrid PAB for Microsoft 365, follow the steps below:

  1. Log in to your KnowBe4 console.
  2. Select your email address in the top-right corner of the page, and select Account Settings.
  3. Navigate to Account Integrations > Phish Alert.
  4. Select the Enable Phish Alert check box.
  5. From the Select PAB Version drop-down menu, select Hybrid PAB.

  6. Select Accept Microsoft Permissions to Authorize GRAPH APIs for the PAB. You will be redirected to the Microsoft 365 login page.

  7. Log in to your Microsoft 365 account using your admin credentials.

  8. Once you log in, the Permissions requested pop-up window will display. Read the permissions, then select Accept.

  9. Once you accept the permissions, the GRAPH Authorization Successful window will display. Select Back to PAB Configuration to return to the Phish Alert settings.

  10. Select Authorize NAA-SSO for GRAPH APIs and repeat steps 6 through 9.

Installing the Hybrid PAB in the Microsoft Exchange Admin Center

Follow the steps below to install the Hybrid PAB in the Microsoft Exchange Admin Center:

  1. Select the download icon next to the PAB manifest for Microsoft products option to download the PhishAlertManifest.xml file.

    Note:Each Phish Alert Button (PAB) XML manifest file is unique to the KSAT console based on where it's downloaded. So, if you manage multiple KSAT consoles, you'll need to download and install the correct manifest file for each console separately.
  2. In a new tab in your browser, log in to your Microsoft Exchange Admin Center account.
  3. Navigate to Exchange Admin Center > organization > add-ins.

  4. From the add-ins page, select the plus icon (+) and select Add from file.

  5. Select Choose File and select the PhishAlertManifest.xml file.

  6. Select Next.

  7. Make sure that the Make this add-in available to users in your organization check box and the Mandatory, always enabled. Users can't disable this add-in. check box are selected.

  8. Select Save to finish the installation.
Note:The expected timeframe for the PAB to deploy can be up to 72 hours, but timeframes can vary. For more information about deploying add-ins, see Microsoft's Deploy add-ins in the Microsoft 365 admin center Deploy add-ins in the Microsoft 365 admin center (link opens in new window) article.

Installing to Shared Mailboxes

The Hybrid PAB supports installation for shared mailboxes shared mailboxes (link opens in new window). This feature requires that Graph API and Nested App Authentication single sign-on (NAA-SSO) permissions are authorized in your Microsoft 365 tenant. See steps 6 through 10 in the Accepting Required Permissions section above for instructions on how to authorize these permissions.

Important: Microsoft Outlook for iOS and Android does not currently support add-ins for shared mailboxes.

Prerequisites for Shared Mailbox Installation

Make sure you meet the requirements below to install the PAB for a shared mailbox:

Important:If you installed the PhishAlertManifest.xml file before February 11, 2025, you will need to uninstall your current Phish Alert instance in Microsoft 365. Then, download and deploy a new PhishAlertManifest.xml file from your KSAT console. See this article's Uninstalling the Hybrid PAB and Installing the Hybrid PAB for Microsoft 365 sections for additional information.

Hybrid PAB User Experience

Once installed, the Hybrid PAB will automatically detect your users’ mail clients and configure the best PAB for each user. The user experience will be different for each user depending on their specific mail client.

Tip:You can also add languages to the Hybrid PAB using our language-aware feature. To learn more about our language-aware feature, see our Phish Alert Button (PAB) Language Aware Feature Guide.

Outlook on the Web User Experience

In Microsoft Outlook on the web, add-ins deployed in integrated apps from the Microsoft 365 admin center are automatically pinned in the ribbon. For more information about managing add-ins, visit Microsoft's Get an Office Add-in for Outlook Get an Office Add-in for Outlook (link opens in new window) article.

You can select the Phish Alert Button, which appears in the ribbon. You can also access the Phish Alert Button in the Apps launcher by selecting the Apps icon in the top-right corner of an open email.

If the PAB does not display in the Apps launcher, you can select Add apps to open the Apps Store. From the Apps drop-down menu, select the Built for your org subtab to view the optional add-ins that your organization has approved. If the PAB add-in is available, you can select Phish Alert and select Add. Then, the PAB will display in the Apps launcher.

Classic Outlook Client User Experience

In the classic version of Microsoft Outlook for Windows, you can select the Phish Alert button in the Home tab of the toolbar at the top of an open email. Then, the PAB will display in the toolbar on the right side of the email.

Important:To use the PAB in Microsoft Outlook, you must enable the Reading Pane. For more information about enabling the Reading Pane, see Microsoft's Use and configure the Reading Pane to preview messages Use and configure the Reading Pane to preview messages (link opens in new window) article.

Microsoft Outlook for Mac User Experience

In Microsoft Outlook for Mac, you can select the PAB add-in that displays in the toolbar on the right side of the page. You can also find the PAB by selecting the ellipsis icon (...) in the toolbar at the top of an open email. To pin the PAB add-in to the toolbar, select the Customize actions button.

Your users can select the PAB in any of these mail clients to report suspicious emails. When a user selects the PAB, the reported email will be removed from their inbox and moved to their Sent Items folder as a forwarded email. If a user incorrectly reports an email, they can retrieve the email from their Deleted Items folder or Trash folder.

Updating and Uninstalling the Hybrid PAB

The method that you will use to uninstall the Hybrid PAB for your organization will differ depending on whether you use Microsoft 365 or the Microsoft Exchange Admin Center. If you need to redeploy the PAB XML manifest file, we recommend first removing your existing PAB installation.

Updating the Hybrid PAB for Microsoft 365

To update the Hybrid PAB for Microsoft 365, follow these steps:

  1. Log in to your KSAT console.
  2. Select your email address in the top-right corner of the page, and select Account Settings.
  3. Navigate to Account Integrations > Phish Alert.
  4. From the Select PAB Version drop-down menu, select Hybrid PAB.
  5. Select the download icon next to the PAB manifest for Microsoft products option to download the PhishAlertManifest.xml file.
  6. Go to Settings > Integrated Apps > Add-ins in your Microsoft 365 admin center Microsoft 365 admin center (link opens in new window).
  7. Find your PAB add-in in the list.
  8. Select the add-in and select Update add-in.
  9. Upload your updated PhishAlertManifest.xml file.
Note:The version number increments with each new manifest file you download (for example, 3.0.0.0 to 3.0.0.1).

Uninstalling the Hybrid PAB for Microsoft 365

To uninstall the Hybrid PAB for Microsoft 365, follow these steps:

  1. Go to Settings > Integrated Apps > Add-ins in your Microsoft 365 admin center Microsoft 365 admin center (link opens in new window).
  2. Find your PAB add-in in the list.
  3. Select the add-in and select Remove Add-In.

Uninstalling the Hybrid PAB for the Exchange Admin Center

If you need to redeploy the PAB XML manifest file, we recommend first removing your existing PAB installation. To uninstall the Hybrid PAB, follow these steps:

  1. Go to Organization > Add-ins in your Exchange admin center.
  2. Find your PAB add-in in the list.
  3. Select the add-in and select Remove Add-In.

Was this article helpful?

9 out of 10 found this helpful

Can't find what you're looking for?

Contact Support