Office 365 - Email - Import "Mark as Phishing" Reports

Avanan administrators can integrate SmartPhish to Office365’s default “Mark as Phishing” buttons. In order to enable this integration, navigate to ConfigurationSecurity App StoreConfigure SmartPhish




Then, select the type of security event that you would like generated on your dashboard when users click “Mark as Phishing”. The two options are Alert and Phishing. 

When enabled, SmartPhish will capture emails sent to This is the default behavior when phishing is reported on both the web and desktop clients. 


Web Client













Desktop Client

























Office365 administrators can add the Report Message add-in to their users’ desktop clients if it is not already enabled. In order to do so, refer to this documentation from Microsoft.

Note that there are no policies, and therefore no automatic remediation, associated with the security events generated by this feature. If you use the Alert security event, a best practice is to add it to your Dashboard so that you can review the user-reported phishing.