The Phish Alert Button (PAB) add-in for Exchange 2013/2016 gives your end-users the ability to report suspicious emails and empowers your employees to take an active role in managing the problem of phishing and other types of malicious emails. The tool can also provide your IT or risk management team with early warning of possible phishing attacks or malicious emails so they may take timely and effective actions to prevent security breaches or network compromise.
We encourage you to inform all of your users of this tool before making it accessible. Below are helpful resources that you can use to assist with your implementation of the PAB:
- Best Practices for PAB Implementation (For admins)
- How do I Use the Phish Alert Button for Exchange? (For end-users)
Paid Integration: If you are using our full-featured Phishing and Training console, the PAB will also track if your users report our simulated phishing emails, so you can see which users are successfully identifying potentially malicious emails.
- One of the following mail servers:
- Exchange 2013 - version 15.0.847.32 (SP1) or newer
- Exchange 2016 - version 22.214.171.124 (RTM) or newer
- Office 365
- If you're using Office 365, we recommend installing the Office 365 PAB instead.
- Please note: If your user is using Outlook Online and they turn on "The new Outlook" toggle, the Exchange version of PAB will not display.
- In the admin portal, you must enable and configure your PAB. While in the admin portal, you will also need the following item to begin installation:
- ExchangeManifest.xml file (download)
For instructions on how to enable and configure your PAB in the admin portal, visit our main PAB article.
- Microsoft disables the use of add-ins in shared mailboxes and folders. Users will only be able to access the PAB add-in from their primary mailbox.
- This version of the PAB does not support mobile devices. For mobile support, you must install the Office 365 PAB.
How to install
The below instructions display the Office 365 admin portal. Exchange interfaces will be slightly different.
Step 1: Log in to your mail server Admin portal. Under the Admin centers menu, click Exchange.
Step 2: On the Exchange dashboard screen, click add-ins under the organization heading. This will take you to the Centralized Deployment add-in management screen.
Step 3: From the Centralized Deployment area, click the "+" sign and select the Add from file option.
Step 4: The Add From File pop-up window will open. Click the Choose File button. Then, locate and add the ExchangeManifest.xml file from your Account Settings and click the Next button to install.
Step 5: Ensure the add-in is installed for all of your users (by default, it will be set to disabled). To do this, double-click on the add-in and you will be taken to a screen that will allow you to make the add-in optional or mandatory. We recommend that you make the add-in mandatory, but you can choose to make it optional with an enabled or disabled default.
How the add-in should look once configured in the Exchange area:
If you're installing the PAB add-in on Office 365, it can take up to an hour for the PAB to be visible.
How to uninstall
Step 1: Log in to your mail server Admin portal. Then, navigate to Admin centers > Exchange > dashboard > add-ins
Step 2: Highlight the Phish Alert add-in. Then, click the trash icon.
Once installed, the PAB add-in will appear as clickable Phish Alert text on any open email.
A user can report any email as a phishing email. The reported email will be in the user's Sent Items as a forwarded message and will be deleted from the user's Inbox. If the user incorrectly reported the email, they can retrieve it from their Deleted items/Trash.
To instruct your users on how to use the PAB, you can provide our How do I use the Phish Alert Button for Exchange? article.
- Video: PAB Installation and User Experience
- How Do I Change the Phish Alert Text for Server-Based PAB (Exchange & Office 365)
- Multiple Phish Alert Button Instances (Multi-PAB): Office 365/Exchange