How can I use the Arsen Phish Report add-in on Outlook ?
The Arsen Phish Report button allows your employees to easily and securely report a potential phishing email to your IT security service.
If the email comes from an Arsen simulation, the target’s status will be marked as “Reported” on the Arsen platform.
If the email does not come from Arsen simulation, it is forwarded to the email of your choice (usually a SecOps email address) and then deleted from the user's mailbox.
Prerequisite : Prerequisites for installing the Arsen Phish Report add-in
Step 1 : Download the Arsen Phish Report Button add-in
Step 2 : Testing the Arsen Phish Report add-in on Outlook
The Arsen Phish Report add-in for Outlook is only compatible with:
Outlook 2013 or later on Windows.
Outlook 2016 or later on Mac.
Outlook on iOS and Android
Outlook on the web for Exchange 2023, 2016 or later.
Outlook.com.
The client must be connected to an Exchange or Microsoft 365 server via a direct connection. When configuring the client, the user must have an Exchange, Office, or
Outlook.com type account. Add-ins do not work with clients configured to connect with POP3 or IMAP.
To download the add-in, you need to generate a manifest.xml file directly from the Arsen platform, under the Integrations section.
Enable the integration from the Install add-in tab
Define the email address to which the reported emails will be forwarded. This email is usually your SecOps email address (secops@example.com, phishing@example.com, etc.) or directly the email of the person in charge, depending on your company's internal procedures.
Define the Phish Report Button Text as it will appear in the ribbon and in the Outlook action menu.
Optionally, you can customize the default “thank you” messages.
Click Download Phish Report add-in.
⚠️ It’s recommended to test the add-in to ensure it works as expected before deploying it to all your users.
The method presented here works with Outlook on the web, i.e., the version of Outlook available at https://outlook.com
To test your Outlook add-in with other versions (Outlook 2013, 2016, etc.), please refer to Microsoft's official documentation on this topic.
Access your Microsoft 365 admin center from an account with administrator privileges.
Go to Settings > Integrated Apps and click Upload custom apps.
Under App type, choose Office Add-in, select Upload manifest file (.xml) from device and choose the previously downloaded manifest.xml from the Arsen Platform.
Click Next.
Next, select Yes to the question Is this a test deployment? and select Just me to test the add-in for yourself only before releasing it to all your users.
Click Next.
In the Deployment section, click on the Accept permissions button, you will be prompted to accept the requested permissions. Click Accept to continue and go to the Next step.
Review and click the Finish deployment button.
⚠️ Note that it can take up to six hours for the add-in to appear in Outlook.
Once the deployment is complete and the Phish Report Button add-in appears in your mailbox, you can test its behavior by sending a test campaign to yourself and report the email as phishing.
✅ Once the phishing simulation is reported as phishing, you should see your test email marked as “Reported” within your test campaign target list.
▶️ Although in most cases the deployment of the Outlook add-in is quick and seamless, it is possible that your configuration is specific and requires additional settings. In this case, refer to Microsoft's official documentation for deploying Office add-ins.
Access your Microsoft 365 admin center.
Go to Settings > Integrated Apps and click on the installed add-in. (Report Phishing)
Click Edit users.
Select Entire organization and ensure Is this a test deployment? is set to No.
Click Update.
⚠️ Note that it can take up to six hours for the add-in to appear in Outlook.
If the email comes from an Arsen simulation, the target’s status will be marked as “Reported” on the Arsen platform.
If the email does not come from Arsen simulation, it is forwarded to the email of your choice (usually a SecOps email address) and then deleted from the user's mailbox.
Summary
Prerequisite : Prerequisites for installing the Arsen Phish Report add-in
Step 1 : Download the Arsen Phish Report Button add-in
Step 2 : Testing the Arsen Phish Report add-in on Outlook
Prerequisites for installing the Arsen Phish Report add-in
The Arsen Phish Report add-in for Outlook is only compatible with:
Outlook 2013 or later on Windows.
Outlook 2016 or later on Mac.
Outlook on iOS and Android
Outlook on the web for Exchange 2023, 2016 or later.
Outlook.com.
The client must be connected to an Exchange or Microsoft 365 server via a direct connection. When configuring the client, the user must have an Exchange, Office, or
Outlook.com type account. Add-ins do not work with clients configured to connect with POP3 or IMAP.
Step 1: Download the Arsen Phish Report Button add-in
To download the add-in, you need to generate a manifest.xml file directly from the Arsen platform, under the Integrations section.
Enable the integration from the Install add-in tab
Define the email address to which the reported emails will be forwarded. This email is usually your SecOps email address (secops@example.com, phishing@example.com, etc.) or directly the email of the person in charge, depending on your company's internal procedures.
Define the Phish Report Button Text as it will appear in the ribbon and in the Outlook action menu.
Optionally, you can customize the default “thank you” messages.
Click Download Phish Report add-in.
Step 2: Testing the Arsen Phish Report add-in on Outlook
⚠️ It’s recommended to test the add-in to ensure it works as expected before deploying it to all your users.
The method presented here works with Outlook on the web, i.e., the version of Outlook available at https://outlook.com
To test your Outlook add-in with other versions (Outlook 2013, 2016, etc.), please refer to Microsoft's official documentation on this topic.
Access your Microsoft 365 admin center from an account with administrator privileges.
Go to Settings > Integrated Apps and click Upload custom apps.
Under App type, choose Office Add-in, select Upload manifest file (.xml) from device and choose the previously downloaded manifest.xml from the Arsen Platform.
Click Next.
Next, select Yes to the question Is this a test deployment? and select Just me to test the add-in for yourself only before releasing it to all your users.
Click Next.
In the Deployment section, click on the Accept permissions button, you will be prompted to accept the requested permissions. Click Accept to continue and go to the Next step.
Review and click the Finish deployment button.
⚠️ Note that it can take up to six hours for the add-in to appear in Outlook.
Once the deployment is complete and the Phish Report Button add-in appears in your mailbox, you can test its behavior by sending a test campaign to yourself and report the email as phishing.
✅ Once the phishing simulation is reported as phishing, you should see your test email marked as “Reported” within your test campaign target list.
Step 3 : Deploy the Arsen Phish Report add-in to all users
▶️ Although in most cases the deployment of the Outlook add-in is quick and seamless, it is possible that your configuration is specific and requires additional settings. In this case, refer to Microsoft's official documentation for deploying Office add-ins.
Access your Microsoft 365 admin center.
Go to Settings > Integrated Apps and click on the installed add-in. (Report Phishing)
Click Edit users.
Select Entire organization and ensure Is this a test deployment? is set to No.
Click Update.
⚠️ Note that it can take up to six hours for the add-in to appear in Outlook.
Updated on: 08/04/2024
Thank you!