Menu English (US) Čeština Dansk Deutsch Español (Latinoamérica) Español (España) Suomi Français (Canada) Français (France) हिंदी Magyar Bahasa Indonesia Italiano 日本語 한국어 Bahasa Melayu Nederlands Norsk Polski Português do Brasil Português (Portugal) Română Русский svenska ไทย Türkçe Українська Tiếng Việt 简体中文 繁體中文

Hybrid Phish Alert Button (PAB) Product Manual

Updated:

Created:

Hybrid PAB Product Manual

The Hybrid Phish Alert Button (PAB) for Microsoft 365 and Microsoft Exchange allows your users to easily report suspicious emails and help protect your organization from cyber attacks. When your users click the PAB to report an email, they can provide your IT team with an early warning about potential threats.

The Hybrid PAB detects your users’ mail clients and automatically configures the best version of the PAB for each user. To learn how to install the Hybrid PAB and how your users can use the PAB in their mail clients, see the sections below.

Note: File attachment limits vary based on the version installed for each user. For more information about the attachment limits for each version, see this section of our FAQ: Phish Alert Button (PAB) article.

Tip: If you use the Phishing feature in our KMSAT console, the Hybrid PAB will also track if your users report our simulated phishing emails. You can use this feature to see which users successfully identify potential threats.

Jump to:
Prerequisites
How to Install the Hybrid PAB

Hybrid PAB User Experience

 

Prerequisites

Before you can install the Hybrid PAB for your organization, your organization will need to have one of the following mail servers:

  • Microsoft Exchange 2013 version 15.0.847.32 (SP1), or a later version
  • Microsoft Exchange 2016 version 15.1.225.42 (RTM), or a later version
  • Microsoft Exchange 2019
  • Microsoft 365

You will also need to enable and configure the PAB from your KMSAT Account Settings before following the steps in this article. To learn how to enable and configure the PAB in your KMSAT account, see the Enable and Configure section of our Phish Alert Button (PAB) Product Manual.

Back to top

 

How to Install the Hybrid PAB

The method that you will use to install the Hybrid PAB for your organization will differ depending on whether you use Microsoft 365 or the Microsoft Exchange Admin Center. To learn how to install the Hybrid PAB using both of these methods, see the subsections below.

Note: The Hybrid PAB does not currently support installation for shared mailboxes.

 

How to Install the PAB for Microsoft 365

To install the PAB for Microsoft 365, follow the steps below: 

  1. Log in to your KMSAT account and click on your email address in the top-right corner of the page.
  2. Select Account Settings.
  3. Navigate to Account Integrations > Phish Alert.
  4. Download the PhishAlertManifest.xml file.
  5. Log in to your Microsoft 365 admin center account.
  6. From the menu on the left side of the page, click Settings.
  7. Select Integrated Apps.
  8. Select Add-ins at the top-right corner of the page. When you click Add-ins, the Add-ins page will open.
  9. On the Add-ins screen, click Deploy Add-In.
  10. Click Next.
  11. From the Deploy a new add-in window, click Upload custom apps.
  12. In the Upload Apps to deploy pop-up window that opens, select the PhishAlertManifest.xml file that you downloaded in step 4 above.
  13. Click Next to install the PAB.
  14. Select which users will have access to the PAB and which method you would like to use to deploy the PAB.
Note: We recommend that you allow all users to access the PAB. We also recommend that you use the Fixed (Default) deployment method. For more information about the deployment methods, see Microsoft's Centralized Deployment FAQ article.

 

How to Install the PAB in the Microsoft Exchange Admin Center

To install the PAB in the Microsoft Exchange Admin Center, follow the steps below: 

  1. Log in to your KMSAT account and click on your email address in the top-right corner of the page.
  2. Select Account Settings
  3. Navigate to Account Integrations > Phish Alert.
  4. Select the Enable Phish Alert check box.
  5. Download the PhishAlertManifest.xml file.
  6. In a new tab in your browser, log in to your Microsoft Exchange Admin Center account.
  7. Navigate to Exchange Admin Center > Organization > Add-ins.
    Note: If you are using Microsoft Exchange 2013 and you have a different Admin Center view, you will need to navigate to Exchange admin center > organization > apps.
  8. From the add-ins page, click the plus icon (+) and select Add from file.
  9. Click the Browse button and select the PhishAlertManifest.xml file that you downloaded in step 5 above.
  10. Click Next.
  11. Make sure that the Make this add-in available to users in your organization check box and the Mandatory, always enabled. Users can't disable this add-in. check box are selected.
  12. Click Save to finish the installation.
Note: The expected timeframe for the PAB to deploy is 24 hours, but timeframes can vary. For more information about deploying add-ins, see Microsoft's Deploy add-ins in the Microsoft 365 admin center article.

Back to top

 

Hybrid PAB User Experience

Once installed, the Hybrid PAB will automatically detect your users’ mail clients and configure the best PAB for each user. The user experience will be different for each user depending on their specific mail client.

Tip: You can also add languages to the Hybrid PAB using our language-aware feature. To learn more about our language-aware feature, see our Adding Languages to the Phish Alert Button article.

If your users use Microsoft Outlook for Windows, they can click the Phish Alert button in the Home tab of the toolbar at the top of an opened email. Then, the PAB will display in the toolbar on the right side of the opened email.

Important: To use the PAB in Microsoft Office, you must enable the Reading Pane. For more information about enabling the Reading Pane, see Microsoft's Use and configure the Reading Pane to preview messages article.

If your users use Microsoft Outlook for Mac, Microsoft 365, or check their email in their browser, the PAB will display in the toolbar on the far-right side of the page.

Note: If your users use Microsoft Outlook for Mac, they can also find the PAB by clicking the ... button in the toolbar at the top of the opened email. If your users would like to add the PAB to the toolbar at the top of the opened email, they can click the Customize Toolbar… button.

Your users can also customize their Microsoft Outlook settings to automatically display the Phish Alert button as an action on a message. From the View tab, they can navigate to View settings > Mail > Customize actions and select the Phish Alert button in the Message surface section. Then, the PAB will display in the top-right corner of a message. For more information about this setting, see Microsoft's Customize actions on your messages in Outlook.com article.

Your users can click the PAB in any of these mail clients to report suspicious emails. If you have enabled the user comments and disposition feature, your users can also add comments and select the disposition of the reported email. For more information, see our Adding User Comments and Email Disposition to the Phish Alert Button article.

When a user clicks the PAB, the reported email will be removed from their inbox and moved to their Sent Items folder as a forwarded email. If a user incorrectly reports an email, they can retrieve the email from their Deleted Items folder or Trash folder.

Note: The PAB uses Campaign Recipient ID (CRID) validation to detect whether or not an email that is marked with a training header is a simulated phishing email. If a message has a valid CRID and is reported for the first time (within the past hour) from the same account where the PAB was installed, it will be treated as simulated. A simulated message will be deleted and only shown as reported in the console instead of forwarded to PhishER.

Back to top

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles