Combined Phish Alert Button with Report Message to Microsoft

Answered

Comments

21 comments

  • Official comment
    Avatar
    Douglas Freeman

    Hello Steve, 

    Thank you for posting to the community board. I see your point about wanting the PAB to integrate with Microsoft for the purposes of improving mail filters and streamlining the product for your users. We don't currently have that functionality in place so I’ve submitted a feature request to our development team to see if that is something we can implement.

    I’ll be following the request so if I get any update from development I’ll follow up on this post! Thank you for your contribution, our Dev team takes these requests seriously and is very interested in implementing enhancements for our users!

    Comment actions Permalink
  • Avatar
    Alex Rourke

    +1 for this feature. It would also be nice if a report spam option was included. We could then use transport rules to route these to Microsoft. There may be some technical limitations doing things this way though. I'd be curious to see if this is possible at all.

    1
    Comment actions Permalink
  • Avatar
    Kaiser U.

    Hey Alex,

    You got it-- I've included your name and details in the feature request for our team to review. I think it will be quite an interesting request due to any possible limitations (as you said). But it is very much worth requesting and discussing as we see more and more of our community give their insights on this request. :) 

    Please let us know if you have any further feedback or suggestions. We'll always be happy to help. 

    Cheers,

    Kaiser 

    KnowBe4

    0
    Comment actions Permalink
  • Avatar
    Jennifer Wescott

    +1 and following... (we use Proofpoint as well)

    1
    Comment actions Permalink
  • Avatar
    Jennifer Wescott

    We are currently evaluating the button options we have available (Microsoft/Office 365, Proofpoint, and KnowBe4's PAB) and we are finding it difficult to evaluate whether the other buttons are able to send to KnowBe4 so we can have that reporting. Just to confirm, we currently cannot set up a third-party report button to send copies of phishing emails to phishalert@kb4.io (or another KB4 email) so that we can use the functionality of the other button in addition to retaining the reporting we get from KnowBe4? 

    0
    Comment actions Permalink
  • Avatar
    Kaiser U.

    Hi Jennifer,

    Thanks for participating in this! That's correct. At this time the reporting is specific to the Phish Alert Button. The forwards that occur with the PAB occur within the code specific to the PAB and it's APIs. However, I will gladly put in a request to add additional APIs (seen here) so that it may be possible to integrate the PAB with other reporting tools, outside of the KnowBe4 console, in addition to the original request's details. :) 

    Thanks for reaching out and checking in on this! If you have more questions or concerns feel free to reach back out. We can always create a ticket on your behalf and get them addressed.

    Cheers,

    Kaiser

    KnowBe4

    0
    Comment actions Permalink
  • Avatar
    Joe Reynoldson

    +1 and following ... we use O365 with EOP and ATP

    0
    Comment actions Permalink
  • Avatar
    Kaiser U.

    Hi Joe,

    You got it! I've added your  details to the feature request for our development team to review. :) Thanks so much for participating!

    Cheers,

    Kaiser

    KnowBe4

    0
    Comment actions Permalink
  • Avatar
    Will Conner

    +1 and following.  We are currently using the Phish Alert button by KnowBe4, however, we will be moving away from it given the new features in O365 and the benefits the O365 button brings in being able to auto-respond to phishing mail and manage investigations.  I love how much the button helps us with our KnowBe4 campaign reporting but active incidents take priority.  I am looking forward to a solution that will communicate with both products.

    1
    Comment actions Permalink
  • Avatar
    Douglas Freeman

    Thank you for your contribution Will

    I'll pass this information over to our development team to make sure that they are aware that this is a request that is being upvoted! 

    We appreciate the feedback! 

    1
    Comment actions Permalink
  • Avatar
    Ivo Svilenski

    Following. Currently evaluating replacing Phish Alert with Report Message. 

    We'll miss the phishing campaign thumbs up and analytics.

    0
    Comment actions Permalink
  • Avatar
    Arnold Dizon

    Following. We also use O365 with EOP and ATP. 

    0
    Comment actions Permalink
  • Avatar
    Michael Rhodes

    Also, my concern is that if enough users are reporting KnowBe4 phishing tests using Microsoft's button, if Microsoft's AI will start blocking the tests even though KnowBe4 is whitelisted in the Exchange config.

    0
    Comment actions Permalink
  • Avatar
    Douglas Freeman

    Hi Michael, 

    I'm glad you brought that item up. Now due to the nature of what we do, Knowbe4's phishing and landing domains do end up on blacklists. We have a system internally to identify anytime our domains end up on blacklists and a removal process to minimize the amount of time that the domains are on that list!

    0
    Comment actions Permalink
  • Avatar
    Ricardo Sousa

    +1 and following. We user O365 too and this would be great as we are having to manually submit the reported phishing emails to Microsoft.

    0
    Comment actions Permalink
  • Avatar
    Ashley Rush (Edited )

    Hello Ricardo,

    Thank you for your contribution! I have submitted your upvote to our development team.

    Ashley
    KnowBe4

    0
    Comment actions Permalink
  • Avatar
    Bill Crahen

    +1 from me as well, and curious if it has any progress!! 

    0
    Comment actions Permalink
  • Avatar
    Douglas Freeman

    Thank you for the +1 Bill I have submitted your upvote to our development team as well. Unfortunately we don't have any information about the progress of the item. 

    We appreciate you contributing to the community board! 

    0
    Comment actions Permalink
  • Avatar
    Evan Templin

    I would love to see this as a feature! But, I think that I found a temporary workaround.

    Microsoft takes manually submitted emails by the email of phish@office365.microsoft.com. If you go into your Account settings in KnowBe4, you can set an email for all non-campaign reported emails to be sent to a email (Account Settings > Phish Alert > "Forward non-simulated phishing emails to:"). When using this setting, it attaches it as a .eml, as requested by Microsoft, and sends a copy of the phishing email as the user who submitted the email (allowing Microsoft to trace it back to your domain). This will allow both KnowBe4 and Microsoft to be able to work together.

    This is not a perfect solution, but I believe this is a viable workaround until we get an answer from the dev team.

    0
    Comment actions Permalink
  • Avatar
    Walter Nelson

    Hi Evan,

    Thank you for contributing that great tip! That is a wonderful workaround for now! I went ahead and added a +1 for you as well to the development team for this feature.

    0
    Comment actions Permalink
  • Avatar
    Michael Rhodes

    I work in the financial industry and do not to allow employees to report phishing emails to outside companies (here, Microsoft).  It doesn't happen often but I've seen employees report phishing but it's a legitimate email with a person's PII in it.  I don't want to give that info to Microsoft engineers.

    0
    Comment actions Permalink

Please sign in to leave a comment.