Involve your employees: give them a single-click means by which to report suspected phishing emails securely.


It’s your organization’s employees that will receive phishing emails and possibly act on them. The action they take will vary greatly depending on how complex and targeted the attack is, but sometimes there are barriers you can erect to protect them. How do employees tell a phishing email? What level of information needs to be provided to them? Can future attacks be prevented?

 All of the answers can be provided through our Microsoft Outlook Reporting plugin.

 The concept is stunningly simple – it consists of a small button that sits in the toolbar of Outlook, the world’s most popular corporate email client. It integrates directly with the user’s account and, if the employee sees something suspicious, they just press the button. There are no calls to service desks, no messy forwarding of emails, no complex procedures to remember. It’s just a simple mouse click.

 In the first instance, the message is sent by secure means, to be analyzed automatically. It can be escalated, if necessary, for further inspection, depending on your configuration. You can even set custom rules to work on the findings: for example, if the email is attempting to impersonate a department or person, you can raise alarm bells more quickly or send an SMS alert to a key individual in your incident response team.

 Over time, you can build up a picture within your organization of the types of emails being received on the front line, the common source domains, particular techniques and other factors which you can then use to improve your message filtering.

 Individual performance metrics can then identify those reporting employees who are extremely accurate at identifying phishing emails, and those who could do with some further support. When combined with our simulated phishing assessments, you can reinforce the procedures involved in reporting suspicious emails to minimize the risk of an employee compromising your security.


  • Empower your employees to help identify potential threats
  • Feed real-time intelligence to your incident response teams
  • React rapidly to identified emails and stop the threat in its tracks
  • Enjoy the Peace of mind of a one-click solution



  • Little or no training required for end users
  • Employee accuracy can be monitored
  • Works in conjunction with our simulated phishing attacks
  • Can be deployed via GPO / server side install methods
  • Customization of reported email workflow
  • Available as a managed identification service