Skip to Content

Phish Alert is a powerful Outlook add-in that allows end users to report emails they suspect are attempts at phishing. If the email was part of a simulation, the user is congratulated for spotting it and the report is recorded in simulation results. If the email wasn’t part of a simulation, it is reported to both Cyber Security Specialists and the National Cyber Security Centre (NCSC) for analysis.

If there are any issues throughout this process, please do not hesitate to contact us.

Phish Alert Usage

To use the Phish Alert add-in, simply open the email you wish to report, navigate to the far right of the Home tab, and click the ‘Report Phishing’ button. You will then be greeted by a confirmation prompt, to send the Phishing report click ‘Yes please’.

Phish Alert Quick Access

It is recommended that the report button is added to Quick Access, allowing for easier navigation and use across inboxes without the add-in natively. To do this, simply right click the ‘Report Phishing’ button and select ‘Add to Quick Access Toolbar’. The Report Phishing Quick Access button is in the upper left-hand corner of the window.

Phish Alert Setup

Before beginning the setup process, please ensure you have the add-in .xml file ready. This will have been sent to your organisation via the CS360 email address.

The following steps will guide you through the Phish Alert setup process:

1) Navigate to the Microsoft 365 admin centre (

2) In the left hamburger menu, navigate to Settings, then to Integrated apps.

3) Click Upload custom apps.

4) Under Upload manifest file (.xml) from device select Choose File and upload the add-in .xml file, once uploaded you should see the message ‘Manifest file validated’

5) Continue to the Users section and ensure the test deployment switch is set to no.

6) Assign users you wish to have access to the add-in, we recommend Entire Organization.

7) Proceed to the Permissions & Finish review pages, then complete the process.

8) Note that these changes may take a day or more to apply and can require outlook to be restarted.  Once added you will see the following:

And that’s it – your Organisation will now be able to use the Phish Alert Button to report  any suspected phishing emails!