How to Use the PAB for Microsoft Exchange

Your organization may have recently installed the Phish Alert Button (PAB) in your mail client. Learn how this tool works and how you can use it to help keep your organization safe from malicious phishing emails.

Jump to:

When Do I Use the PAB?
How Do I Use the PAB?
Why Should I Use the PAB?

When Do I Use the PAB?

Click the PAB if you believe you have received a phishing email or any potentially dangerous email. Any emails you report using the PAB will be automatically deleted from your inbox. The emails you report will also be forwarded to a designated contact in your organization for analysis.

The PAB should only be used to report emails you believe to have malicious intent. If you are receiving spam or marketing emails, you should not use the PAB to report these. You can delete these types of emails or add the sender or sender's email domain to a block list.

Back to top

How Do I Use the PAB?

Once the PAB add-in is installed, you will see a Phish Alert button appear in any opened email. 

To report an email as a phishing email, follow the steps below:

1. Click the Phish Alert button to open a drop-down screen.
2. A prompt will ask you if you want to report the email as a phishing email. Click the Send To IT button to report the email.

Once you’ve reported an email with the PAB, you’ll see a Success notification.

Back to top

Why Should I Use the PAB?

By reporting emails, you help your organization stay safe. Reported emails are sent to your organization for analysis. So, your organization will know which phishing attacks are reaching employees' inboxes. Once your organization is aware of possible vulnerabilities, it can better defend against them. You are an important part of the process of keeping your organization safe. Stop, look, and think!

Back to top