Documentation
Support
In this article
Use the Report Message and Report Phishing add-ins in OutlookUse the Report Message add-in to report junk and phishing messages in OutlookUse the Report Message add-in to report messages that aren't junk in OutlookUse the Report Phishing add-in to report phishing messages in OutlookReview reported messagesMore information
Home
E-Mail Security

Only correct way to report phishing (Microsoft Outlook, M365)

Edited 10 months ago

Use the Report Message and Report Phishing add-ins in Outlook

Use the Report Message add-in to report junk and phishing messages in Outlook

  • Users can report a message as junk from the Inbox or any email folder other than the Junk Email folder.

  • Users can report a message as phishing from any email folder.

  1. In Outlook, do one of the following steps:

    • Select an email message from the list.

    • Open a message.

  2. Do one of the following steps based on your Ribbon Layout configuration in Outlook:

    • Classic Ribbon: Select Report Message, and then select Junk or Phishing in the dropdown list.

    • Simplified Ribbon: Select More commands > Protection section > Report Message > select Junk or Phishing.

Based on the user reported settings in your organization, the messages are sent to the reporting mailbox, to Microsoft, or both. The following actions are also taken on the reported messages in the mailbox:

  • Reported as junk: The messages are moved to the Junk Email folder.

  • Reported as phishing: The messages are deleted.

Use the Report Message add-in to report messages that aren't junk in Outlook

  1. In Outlook, open a message in the Junk Email folder.

  2. Do one of the following steps based on your Ribbon Layout configuration in Outlook:

    • Classic Ribbon: Select Report Message, and then select Not Junk in the dropdown list.

    • Simplified Ribbon: Select More commands > Protection section > Report Message > select Not Junk.

Based on the user reported settings in your organization, the messages are sent to the reporting mailbox, to Microsoft, or both. The messages are also moved out of Junk Email to the Inbox.

Use the Report Phishing add-in to report phishing messages in Outlook

Users can report phishing messages from any email folder.

  1. In Outlook, do one of the following steps:

    • Select an email message from the list.

    • Open a message.

  2. Do one of the following steps based on your Ribbon Layout configuration in Outlook:

    • Classic Ribbon: Select Report Phishing.

    • Simplified Ribbon: Select More commands > Protection section > Phishing

Based on the User reported settings in your organization, the messages are sent to the reporting mailbox, to Microsoft, or both. The messages are also deleted.

Review reported messages

To review messages that users have reported to Microsoft, admins can use the User reported tab on the Submissions page in the Microsoft Defender portal at https://security.microsoft.com/reportsubmission. For more information, see View user reported messages to Microsoft.

Note

If the User reported settings in the organization send user reported messages (email and Microsoft Teams) to Microsoft (exclusively or in addition to the reporting mailbox), we do the same checks as when admins submit messages to Microsoft for analysis from the Submissions page. So, submitting or resubmitting messages to Microsoft is useful to admins only for messages that have never been submitted to Microsoft, or when you disagree with the original verdict.

More information

Admins can watch this short video to learn how to use Microsoft Defender for Office 365 to easily investigate user reported messages. Admins can determine the contents of a message and how to respond by applying the appropriate remediation action.