Import O365 "Mark as Phishing" clicks to Avanan

Avanan administrators can integrate SmartPhish to Office365’s default “Mark as Phishing” buttons. In order to enable this integration, navigate to ConfigurationSecurity App StoreConfigure SmartPhish

 

image2

 

Then, select the type of security event that you would like generated on your dashboard when users click “Mark as Phishing”. The two options are Alert and Phishing. 

When enabled, SmartPhish will capture emails sent to phish@office365.microsoft.com. This is the default behavior when phishing is reported on both the web and desktop clients. 

 

Web Client

image3

 

 

 

 

 

 

 

 

 

 

 

Desktop Client

image5

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

image1

 

 

 

 

 

 

Office365 administrators can add the Report Message add-in to their users’ desktop clients if it is not already enabled. In order to do so, refer to this documentation from Microsoft.

Note that there are no policies, and therefore no automatic remediation, associated with the security events generated by this feature. If you use the Alert security event, a best practice is to add it to your Dashboard so that you can review the user-reported phishing.

 

image4