The Phishing Report Button for Outlook
Give your whole team a one-click way to report suspicious emails — right from the Outlook ribbon. It rewards people for spotting simulations and gets real threats to your security team fast.
Start a free 30-day trialHow the report button works
One button in the Outlook ribbon does the work — no forwarding rules to remember, nothing to copy and paste.
1. Spot & click
An employee sees a suspicious email and clicks Report to PhishSkill in the Outlook ribbon.
2. Reported securely
The add-in reads the message and its original copy and sends it to PhishSkill. It's read-only — the email stays right where it is in the mailbox.
3. Routed for you
PhishSkill works out whether it was one of your simulations or a real suspicious email, and handles each the right way (below).
How your team reports phishing — in one click
- 1Open the suspicious email in Outlook.
- 2Click Report to PhishSkill in the ribbon.
- 3That's it — a banner confirms the report. No headers to copy, no IT ticket to raise. (Want to inspect a suspicious email yourself? Try our free Email Header Analyzer.)
What happens when an email is reported
It was a simulation
The employee earns a positive score on their awareness profile. Reporting — not just deleting or ignoring — is exactly the behaviour you're training, so the button rewards it.
It was a real email
The original message is forwarded to your configured recipients as a `.eml` file and logged in your threat-intel view — so your security team has the full original to investigate and decide. PhishSkill routes it; your team makes the call.
Why a reporting culture matters
A filter that blocks 99% of phishing still lets the dangerous 1% through — and that's the one that reaches a person. The teams that stay safe aren't the ones that never get a phishing email; they're the ones where someone reports it quickly. A one-click button turns every employee into an active reporter, and gives your security team early warning instead of an after-the-fact incident.
Deploy it across your team
Your IT admin installs the add-in for your organisation, and the button appears in everyone's Outlook ribbon. It runs in Outlook for Microsoft 365. If a teammate doesn't see the button, your IT team can re-deploy it to their account.
Frequently asked questions
What is a phishing report button?
It's an Outlook add-in that lets employees flag a suspicious email with a single click, instead of forwarding it manually or ignoring it. The report goes to your security team, and when the email was one of your simulations, the employee is rewarded for reporting it.
How do employees report phishing in Outlook with PhishSkill?
They open the email, click Report to PhishSkill in the Outlook ribbon, and that's it — a banner confirms the report. No headers to copy, no rules to set up.
Does reporting delete the email or move it?
No. The add-in only reads the message to report it — it doesn't delete, move, or change anything in the mailbox. The email stays where it is.
What happens when someone reports a real suspicious email?
The original message is forwarded to your configured recipients as a `.eml` file and logged in your threat-intel view, so your security team has the full original to investigate. PhishSkill doesn't auto-classify it — your team decides.
What happens when someone reports a phishing simulation?
They earn a positive score on their awareness profile. The point of training is to build the reporting habit, so correct reports are recognised — not penalised.
Why can't I see the report button in Outlook?
The add-in is installed by your IT administrator. If it isn't in your ribbon yet, ask your IT team to deploy it to your account.
How is this different from Outlook's built-in report button?
The built-in button reports to Microsoft. PhishSkill's button is part of your awareness programme: it tells your simulations apart from real threats, rewards correct reporting, forwards real reports to your own team, and ties reporting behaviour to your training and metrics.
Turn your team into your first line of defence
The report button comes with PhishSkill's phishing simulations and awareness training — run it across your whole team and watch your reporting rate climb.
Start your free 30-day trial