How to Use the Phish Alert Button for Exchange

Your organization may have recently installed the Phish Alert Button (PAB) in your mail client. Learn how this tool works and how you can use it to help keep your organization safe from malicious phishing emails.

When Do I Use the PAB?
How Do I Use the PAB?
Why Should I Use the PAB?

When Do I Use the PAB?

Click the PAB if you believe you have received a phishing email or any potentially dangerous email. Any emails you report using the PAB will be automatically deleted from your inbox. The emails you report will also be forwarded to a designated contact within your organization for analysis.

The PAB should only be used to report emails you believe to have malicious intent. If you are receiving spam or marketing emails, you should not use the PAB to report these. You can delete these types of emails or add the sender or sender's email domain to a block list.

How Do I Use the PAB?

Once the PAB add-in is installed, you will see clickable Phish Alert text appear in any opened email. 

To report an email as a phishing email:

1. Click the Phish Alert text to open a drop-down screen.
2. A prompt will ask you if you want to report the email as a phishing email. Click the Send To IT button to report the email.

Back to top

Why Should I Use the PAB?

Reporting emails will help your organization stay safer. Because the potential phishing emails you report are sent for analysis to your organization, your organization will now be aware of which phishing attacks are able to reach their employee inboxes. Once they're aware of possible vulnerabilities, they can better defend against them. You are an important part of the process of keeping your organization safe from cybercriminals. Stop, Look, and Think!

Back to top