This section will guide you in how to customize and install the Outlook Suspicious Email Reporter Add-In for users' O365 email boxes. When this add-in has been published, users will see Add-in on their devices (Outlook App, OWA, mobile, tablet, laptop) and use it to report suspicious emails.
Customize Suspicious Email Reporter Add-in
Log in to the dashboard and select the Incident Responder > Phishing Reporter page. Customize each field as required, and once completed, click Save Changes.
Then click Download and download the OWA / Exchange XML add-in file or copy the link.
This download/link will be required later in the installation.
If you want to customize your add-in, please change the following fields in bold when editing the XML file before proceeding to the next steps:
- <ProviderName>Your Company Name</ProviderName>
- <DisplayName DefaultValue="Suspicious E-Mail Reporter"/>
- <Description DefaultValue="It is a phishing reporter button that allows the user to turn it into action when they receive a suspicious mail.This provides SOC teams the ability to detect and block attacks early."/>
- <SupportUrl DefaultValue="https://www.yourcompanydomainhere.com"/>
- <bt:String id="groupLabel" DefaultValue="Your Company Name"/>
- <bt:String id="customTabLabel" DefaultValue="Your Company Name"/>
- <bt:String id="paneReadButtonLabel" DefaultValue="Report as suspicious"/>
- <bt:String id="paneReadSuperTipTitle" DefaultValue="Report as suspicious"/>
- <bt:String id="paneReadSuperTipDescription" DefaultValue="This add-in helps to report suspicious email."/>
Deploying Suspicious Email Reporter O365 Add-in
Log in to your Microsoft 365 Admin Center.
Go to Add-ins.
Click +Deploy Add-in and click Next. Under Deploy a custom add-in, click Upload custom apps.
Select the option to Deploy a new add-in. Select one of the following:
- ‘I have the manifest .xml file’ (the XML file downloaded earlier from Phishing Reporter).
- ‘I have a URL for the manifest file’ (if the copy link option was chosen)
Then click Upload.
Now proceed to Configure Add-in.
Select the Add-in from the Add-in list.
Assign the users who will have access to the add-in. Choose one of the following:
- Everyone: The add-in will be installed on every user under the O365.
- Specific Users / Groups: The add-in will be installed to the chosen group or user.
- Just me: The add-in will be installed on your mail account.
Now proceed to the Deployment Method.
Select the Deployment Method option (it is recommended to choose the option Fixed (Default)).
- Fixed (Default)
After selection, click Deploy.
After deployment is successful, click Next and then Finish to complete the process.
The add-in will now appear in the Add-in list.
A message will appear to say that your add-in has been deployed.
You will also receive an email notification confirming your successful deployment. Important note: It will take up to 12 hours for the add-in to be displayed on users' ribbons - users might need to relaunch Office.
Once the deployment completes, to test that it is successful, launch the applicable Office app to confirm that the add-in is present on the ribbon.
You can force the list of installed add-ins to refresh by launching the Office app and navigating to the Insert tab > My Add-ins > Admin Managed.
How to test installation & deployment
Open your account on Office 365, and report an email as suspicious by using the Phishing Reporter installed on your account.
After the email is reported, you will receive a thank you message.
Now report an email using another device such as mobile to check that the add-in has been successfully installed and deployed. After the email is reported, you will receive a thank you message.