Set up the Phish Alert Button

Allow users to report suspected phishing emails straight from their mailbox.


In this article, you'll learn how to set up the Phish Alert Button in Microsoft 365.

Currently, the Phish Alert Button only supports Microsoft 365 and is not compatible with Google Workspace.

1. Find the Phish Alert Settings Page

You can find the Phish Alert Settings Page under SMPhish -> Configure Phish Alert Button in the top menu bar within the SiberMate app.


2. Enable the Phish Alert Button

Toggle the Enable Phish Alert Button option ON.


3. (Optional) Enable Forward Suspected Phishing Emails

Toggle this option ON to receive email notifications to a desired email address whenever a user reports a suspected phishing email outside of a simulation. You will then need to populate the fields under this setting.

  • Forwarded Email Recipients
    • Add any email addresses you wish to notify of suspected phishing emails
  • Forwarded Email Subject
    • Text you enter here will be used as the subject line of the notification emails.
    • Use the provided Tokens to make the subject line more informative
  • Forwarded Email Sender Name
    • Enter the desired name to be used as the sender of the email notification.
  • Forwarded Email Sender Address
    • Email address the notification is sent from.
  • Include Suspected Email as EML file attachment
    • Toggling this on will include a reproduction of the suspected email as an EML attachment.
    • You will also need to enable and authorize a message data retrieval method for this feature to work.
  • Include Suspected Email's Attachments in EML File
    • Toggling this on will add the suspected email's attachments to the reproduced EML file
    • Any inline images will only be displayed in the EML file if this feature is enabled.
  • Retrieve Message Data via the MS Graph API on Behalf of a User using SSO
    • Enabling this will produce a much closer reproduction of the original email in the EML attachment.
    • When this feature is enabled, you will be asked to authorize an M365 SSO Service Application during the Phish Alert Button installation This will allow the add-in to retrieve message data from the reporting user's mailbox.
    • If you have previously installed the Phish Alert Button, and enable this feature at a later date, you will need to update your manifest file in M365.
    • This feature will not work on Outlook Mobile as it does not currently support SSO authentication.
  • Once you have finished configuring the Forwarding & Submissions tab, save your changes by clicking the Save button.

4. Download your add-in manifest XML

You will now need to go back to the Add-in Configuration tab on the Phish Alert Button settings page. Use the Download Add-in Manifest XML button in the Outlook Add-in Manifest panel to save a manifest XML file that you'll need to install the phish alert add-in in Outlook.

Next steps

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.