Menu English (US) Čeština Dansk Deutsch Español (Latinoamérica) Español (España) Suomi Français (Canada) Français (France) हिंदी Magyar Bahasa Indonesia Italiano 日本語 한국어 Bahasa Melayu Nederlands Norsk Polski Português do Brasil Português (Portugal) Română Русский svenska ไทย Türkçe Українська Tiếng Việt 简体中文 繁體中文

How Do I Use the Phish Alert Button (PAB) for Microsoft 365?

Updated:

Created:

Using the PAB for Microsoft 365

The Phish Alert Button (PAB) is a tool that allows you to report potentially malicious emails, such as phishing emails. When you use the PAB to report a potentially malicious email, you can help keep your organization safe from cyberattacks.

See the sections below to learn how to use the PAB and why you should use it.

Jump to:

When Should I Use the PAB?
How Do I Use the PAB?

Why Should I Use the PAB?


When Should I Use the PAB?

You should use the PAB to report any suspicious emails or potential phishing emails. When you use the PAB to report an email, the email will be automatically deleted from your inbox and forwarded to your IT security team.

You should not use the PAB to report spam or marketing emails. You can delete these types of emails or add the sender or sender's email domain to a block list.

Note: If you need help adding a sender to a block list, contact your supervisor or IT team.

Back to top

 

How Do I Use the PAB?

The steps for reporting an email using the PAB may vary based on the app that you're using. When you report an email using the PAB, the reported email will be automatically forwarded to your IT team regardless of the app that you're using. 

Click the links below to learn how to use the PAB for the apps that you're using:

If you report an email in error, you can retrieve the email from your Trash or Deleted Items folders.

 

Using the PAB in Microsoft 365

If you use Microsoft 365, follow the steps below to report an email with the PAB:

  1. Open the email that you would like to report.
  2. Click the ellipsis icon () at the upper right corner of the email.
    Office 365 PAB
  3. From the drop-down menu that opens, click Phish Alert.
  4. In the prompt that opens, click Phish Alert again to report the email.
    Note: If your admin has enabled the Comments and Dispositions setting for the PAB, you can select a disposition from the Email Classification section. The Unknown option is selected by default. You can also enter a comment about the email you are reporting. Then, click Phish Alert.
  5. After you click Phish Alert again, a message will display to confirm that you reported the email. This message will tell you if the email you reported was a simulated phishing attack or if the email will need to be reviewed by your IT team. To close this message, click Ok.

Back to top

 

Using the PAB in the Microsoft Outlook Mobile App for Android

If you use the Microsoft Outlook app for Android, follow the steps below to report an email:

  1. Open the email that you would like to report.
  2. Click the vertical ellipsis icon (...) at the upper right corner of the email. Check the rest of the screen if you do not see the button in this location.

  3. Click the Phish Alert icon.

  4. In the pop-up window that opens, click Phish Alert to report the email.
    Note: If your admin has enabled the Comments and Dispositions setting for the PAB, you can select a disposition from the Email Classification section. The Unknown option is selected by default. You can also enter a comment about the email you are reporting. Then, click Phish Alert.
  5. After you click Phish Alert again, a message will display to confirm that you reported the email. This message will tell you if the email you reported was a simulated phishing attack or if the email will need to be reviewed by your IT team. To close this message, click Ok.

Back to top

 

Using the PAB in the Microsoft Outlook Mobile App for Apple iOS

If you use the Microsoft Outlook app for Apple iOS, follow the steps below to report an email:

  1. Open the email that you would like to report.
  2. Click the ellipsis icon () at the upper right corner of the email.

  3. Click the Phish Alert icon.

  4. In the pop-up window that opens, click Phish Alert again to report the email.
    Note: If your admin has enabled the Comments and Dispositions setting for the PAB, you can select a disposition from the Email Classification section. The Unknown option is selected by default. You can also enter a comment about the email you are reporting. Then, click Phish Alert.
  5. After you click Phish Alert again, a message will display to confirm that you reported the email. This message will tell you if the email you reported was a simulated phishing attack or if the email will need to be reviewed by your IT team. To close this message, click Ok.

Back to top

 

Why Should I Use the PAB?

When you use the PAB to report suspicious emails, you can help keep your organization safe from security threats. The reported emails are sent to your organization for analysis, which will help keep your IT team informed about potential phishing emails that their employees receive. Once your IT team is aware of potential threats, they can help your organization stay safe from future attacks.

Back to top 

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles